-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz
      1ae650f45d259fad0081a0801ab83d332efbcf04b4cbfe732c8526398b4469c2  debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz
      97f3aafd5ddcbc3af6e80bad2958f12047b2c74646b4fb2c1331677fb11704277f17fa08a1b3df0f9fbf042f130ed068b300e8912c462dab47f30adba6cb818c  debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz.hash
      debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz.hash
      debian-11-turnkey-tkldev_17.2-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmQEVSIACgkQHkh6RjHW
/rah8Q//fTvvKbv0suBsFZ02mOS3Dlr3SI2wZ5M3+dBbaJSJ+Z0Fyo88MWAQDYAz
Dq/IGRTLcil6mBbYCY+r7zjCXP7PXtYNrN84x+YsEP1rMUhR6AkJrnaIcviuZDq4
utdNCLoh2vk4YTnFiwWr7Q78SUzQ1+nEHjxHt+OZTA/3O/Rjuu7eN9dGMH54UpKH
j9I0xzE8Y/gSNxCDTl1QfT/DNWYk32Zqx8qho200q+PA4+WnTk/cL3WB6e3ogZiD
sRODvWQGJMBoN2Fw6K7oUYbVnSvGhYAfYLNQttQRc/sHEN9KLXScXxvTZCAlUo9f
JuCp7Y4m+hf14ztws5ginU67PFb9Iv2nCziL+K2AskOOs93JxwvA1SBESeZJhDdS
rl/qFgELccXC4JJUnB/GNsgP2mwawVR6Pah8Erq3hA7q3hDEjsDZ98tognWQHrQq
FfDU0CakAgYAJT2Bmf2eiMtAdrH1hBWWFhFekvBq5Jhtvh6ngpG7RthRAGlWODvB
V295SO7Ql934gf/2DUIHtlO++0MWmizncRcoDhRh2dy+NqDzsHSEK+OuY2S8OFoR
GyDNy4WyFSBDQRPBUCtE5W4TlxSCGKYMMw6waClT8doMWFfFi2wf6kOVEEoXs1XF
WhB2l7T35NpvgTOVpYmSD06U1kD8z3wzUsprl/k4mCj51iTC2/g=
=mxZn
-----END PGP SIGNATURE-----