-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify turnkey-e107-17.1-bullseye-amd64.iso.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum turnkey-e107-17.1-bullseye-amd64.iso 1c19a022607cc65cb4243f082d4224142097091f674f2b7535950b8419c270ba turnkey-e107-17.1-bullseye-amd64.iso $ sha512sum turnkey-e107-17.1-bullseye-amd64.iso 3585fcb9c63e08c3beeb2bc238a859d4b125120810fd9dbaed4a520074a32d4b504b80b8e30840103ece48ed62246b6c2bdb60afe090c07c90876f01af872cfb turnkey-e107-17.1-bullseye-amd64.iso Note, you can compare hashes automatically:: $ sha256sum -c turnkey-e107-17.1-bullseye-amd64.iso.hash turnkey-e107-17.1-bullseye-amd64.iso: OK $ sha512sum -c turnkey-e107-17.1-bullseye-amd64.iso.hash turnkey-e107-17.1-bullseye-amd64.iso: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmKAx/AACgkQHkh6RjHW /rYNnw/+KQGo6QP5AioWPlTncjl1fpDWn0wrUPBYDuc7pD4fK4TuoUPohZ6o1rQd i6JoTu51DuWeAWGHPYi28+TuQs+L13lae4RtcbfV87NXREM9Bd+5zF4TeEnUqXpu CfiveKKIRU1hV0JhqW9Jh4XrtFMgeLC1dyx6ZhAp3oIvnkk2yE9GeXiQzq4JtarQ /ZkVZovygsTOwkVoH7tu/ZsL05d2zMky4r5DAG2OkZwInaaR2HIG+LutQ+5p58NA Dl6aNf2v2GU1lRgX+RVWbJFuLkEiWrIgoDR5ZSJO6dqASeL6ovKKQPif0QOa+6cB 0Ix4e4iJqlT1NrkgtRFVxc5TvN4DDt3sDT9SPf481rwFB9BM+7THLeCmXRJptXMP Cw56GYIxIp38WsPy16eiK0JZGKzBz4TIu4n8qTXbF4xm24EmKklrzSOLQMPTGhpm vsIVz1AIMK6BfC45fj5u2ABAD4b3UjEZoG2MS108jMaVjZ/TTPV3555fntIHp1lC aOVYt/EkeAPsQgbaKMM3mEmijRcuQS+NFYO9GcNuV2uvqO261WUVAaiAfvEImnLs O5/ULc+xCDUeQwV2KZGGVyLg5G3XnEPuWseG6DhoVa/EuovUGnACpIVvYGUs89Na jUamVIY6X/8+EyJ8Ol6apJpbv/CbakG8UD3S9wYpS58OH94tcAU= =qj18 -----END PGP SIGNATURE-----