-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz
      6c4f69fa01973f039af4aaead0a9726722ca3af8e1eee5bdcc234820623ec175  debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz
      c1115efc488c4e935d439ed2d79cca13d120706382a69725d6da87c65cc643bf92ec8e03f1ec6729b089367aa53114fddfd6631382f9c6ee3e0d89e306434a52  debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-nodejs_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTYACgkQHkh6RjHW
/rYpwg/+NtwPQYqFdPh6+Ql1Qhfep0hZ2nZ9O1BKN4H9+m4uNsveuPYRA4lvmxfp
nNl1iUMwgu1lgg84Xi3vsDO3hWmmLR22c041bdWFH6bQxp8WeSr3beFfOzYwF2tT
S9ezcL8CCed7CqVujnCBmEhNh9Cp3g/uNsn+P3kHAvk5jCgpIB2lwJIY7z1tlwTw
MNEi6S27/vFHsz6Pcpj0txe/x4MwwSjM5mMH3n2B9wNS/P023/kEPC8wA7plsjbJ
IeNdhzmSZfMr0+sPyYWTKo2QJJOSJKdPtzZ2anaTa0H5ffswSPnUtczkiAmMIXB7
S94SkBqKyrYcdimQ1o+tBJunzEAdadrhJ1+2Ex9CZ1SUu+X2V+u9GteaxRyAHxNq
/Z5bGEIjLPd7j9vfC5Qo2KKXdndleB0MC6d9/bzrK6T/FkYLzYoHKB7OYbR92ctG
z0KpQZZW8/WPOJxD8NGCJPPC8LtJ7ZFaQll934Y/7iF0KjoJ8pgsSkGz6hmOeA+o
axURrWzAs34bJgkTUx/MWP8h79DbCg1rkYWkJmjVthMAe4uL0pge7T+2zuMeYM9A
SwDvMP1UKp2Z4+uL5I9ybHYE6ugJz8c/MLXLryMcJaQk5SFajjoVYZK9p+PvSKjN
VFXEyDorCGxvQKVzMMUMfMU95Ab8wAXjDtop3YlWGUuhFEVODYg=
=5Cpi
-----END PGP SIGNATURE-----