-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-redmine_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-redmine_17.1-1_amd64.tar.gz
      2813bbcf58e941f16816ea683106a5d8945bc335eb509f3b1b237f2662c50039  debian-11-turnkey-redmine_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-redmine_17.1-1_amd64.tar.gz
      a043315be69356b10f78026d9fdc3272987d7ddda91bc88621ea2855fbc042d711e9a656f959c7f46ba26b35cace8ef9b3f0103ba1752196a9895d2f9457b307  debian-11-turnkey-redmine_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-redmine_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-redmine_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-redmine_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-redmine_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTgACgkQHkh6RjHW
/rZu3w/7B52kCoesWx3mkmmD4B6tVCUEaZE4gV3df1eCNewu9t7g2ELg25gsDjt7
7GWVDqQN2EWCR6gnTveDeuKh01e9TlwrAfY+XS/kCb0gdu4m8H6CPy7aO0uM7Ojy
lnparZkjJGCQAQuFyXG/4sLQfAQpA43xSEPDYSXFBE7D8lCfPjgLf7Z5w+dZIfM7
WsAxpdLXETdEFNJAyJssOF7qZ2Z2Px+XZD6a+n0gSXoXJugbbJKu4n1TWj5eDrIA
Ilrpb1IMz08dtrxRswdybvh+jzElUJWY0Nx1B9BSNUN2VOTfDaLO5pMFPKVwefp/
zVR4pikQW0WigcR+lWUbBBASF3GY9VEad+FCRlFEc7fVfq0nWqSDhtVOubr52KgI
Pk1YtDicHKFwufYsGFFPlXlx+a68cqyymXJL/M5V6Gm9X1NKK8ULxWedRD4iDlRA
n3KdDUM5jupG1GJn9BjWBwb8cNaQV+UvbyNMWZkMbfEaVXd1yRxrwSyAHAjQqjlF
8JUvx51TDXO1e5BGX1CAYFDXI+5AwbimUjNP35Np+tuSAOxrG70Ma46mGFPbi+H8
9LvSPofiEyBld5Q9sMWKROTg6KFCntmuD+FcqXEbV+lDIn1B9+dMh4LUJ7NZWVsG
43KaqRi4Fn8R8w/4iNvJJnvMNs5wGXR3dj9duWb1xKdu+UP0a+k=
=NfJp
-----END PGP SIGNATURE-----