-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify turnkey-core-17.0-bullseye-amd64.iso.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-core-17.0-bullseye-amd64.iso
      66b6c0d12e43fda20702a201f9e07e76dfc08e4e894faf9b6ebcdf7a6210af91  turnkey-core-17.0-bullseye-amd64.iso

    $ sha512sum turnkey-core-17.0-bullseye-amd64.iso
      f500357ffb9997798aa69e12eacc77640dc15b2431d74102829d5ceceedbf50b80a9266c527e3528aad88744129a09f64f210535500e71c38f45686434d3f15c  turnkey-core-17.0-bullseye-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-core-17.0-bullseye-amd64.iso.hash
      turnkey-core-17.0-bullseye-amd64.iso: OK

    $ sha512sum -c turnkey-core-17.0-bullseye-amd64.iso.hash
      turnkey-core-17.0-bullseye-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmJSo0sACgkQHkh6RjHW
/rbkQxAAmZ8DREEWNYk256/puxwy+TxG/38BAPE6F+tq93zSjvfTq3yEmFXIMNT9
0D518orOPSdv9OhK2dJ8qZ9nDeWc54nZRe9rIE4KWnT6RFr7A4FvJ4XCzKsenBNQ
Tn+m2gHNNYhWpvraEE0Arx89ZbKvfjEiWKMnzRMA6DBEdXMhldoenOLvi7sppb2b
6CApqc0b4AAgYSieFr7xf1dDExQyV+OrRzAsEJIiBRuftUSM801QrYiJPwLcju6j
7HWXdbaDDZKDif/fTQu3lkFSndeUU6Y7+zezpJkvjKDTgOGGO68IcNKLL9ym77YO
rvoShmuCwW293BTZ+GAPxNwcqishQ87iq+D69UvSdtDPitztMK7HiF9HU52Pj7Ny
LrOq0CDmiSpr+6RUK7ErE5cujjQSCNmYKlx4q1/qSdBaCdTvpD6Wfv29mO3Dxc8m
DnAf6RSfcarDP/zbQQySfAZDezRFGXX+nWV+/d5W2/OQ+q8PX3cIfughPxiT59Z8
H4G+B1gkh3qExbhi4/GbkNl/NM8m2B3/51iEbJo51qbGP6VxhHYSK5N1rF9VFwsL
kR2wXx870qGMBrf4CVsJKgAKg2B8gYjly9s/5m7qqepkJLGbHWc8zZaYvXi2AFVd
QncWtAeroJKXTq18OwFW42ylSOO0pT4yy1k3Bv9S4VwW2eJUwK4=
=SVPK
-----END PGP SIGNATURE-----