-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify turnkey-vanilla-17.1-bullseye-amd64.iso.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum turnkey-vanilla-17.1-bullseye-amd64.iso 82f58b90547b270a67f3f3f97ed24e7845521644146df16394a285ca0b2e803d turnkey-vanilla-17.1-bullseye-amd64.iso $ sha512sum turnkey-vanilla-17.1-bullseye-amd64.iso b81c30406069458138da0ddf5042b26a7ed342dc626da44534dd623a244ca5367c4fd156e6af5bc844d891dbda248822c9d1ef66e7bfcac95e5a5764ce488fab turnkey-vanilla-17.1-bullseye-amd64.iso Note, you can compare hashes automatically:: $ sha256sum -c turnkey-vanilla-17.1-bullseye-amd64.iso.hash turnkey-vanilla-17.1-bullseye-amd64.iso: OK $ sha512sum -c turnkey-vanilla-17.1-bullseye-amd64.iso.hash turnkey-vanilla-17.1-bullseye-amd64.iso: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmKAx/QACgkQHkh6RjHW /rZOOg//fLy/H7UuGddWEJASNCbImzE/pg3u25Deky/AxkuQvbfhrSB3fb2fNIV9 A2hfOLGyxIMHgaIjdFfwb9//JFx7Wa8xf1+RAmkrnN57qwE14ewMabuO4d1uugx9 JuM2vnnZC1XVbnWPcSdr+SE6GN93WLEK5zQIp3jHXiTGvPEFc4URexRj5wK9AOh5 fTHZRFR1Yr8ieO5H+y8qCjNFm1hOQN+DDXGbU538p9e+cfuUVPR6q6qWP0W4TT8J df7NjGhMYAJZN2oPKpBlF7nI4jczrZPhpKhbmxBOFq/nCV3uHbDqN1LnlEWk0NNz 2kU3QcuGUn1FqekKbTMa00u1LPWEdMDIeMZkl8gIzoHTmIPyOhQeoFzDMJUrPMkG lLvx2PFxvxvtNxwOB81PJShMoU/U0MCh02ZRAsYnWHPGjhW/RF2AT2wAe9n0HQWi 4baod3kLsOwnom8eVwarzhAAvSf/67iGKkS5zh6A6FXPQpkIBXZqdtPqrFDGzjnK iCpniXIcxn8uNIlsOMWusqLmfQjROcI1SaOL/0dkrOi6Eql0QJy5pOI+WwEI8ahJ xoPR/xRN/Ym0Jqly5qQBDCRB6SbwZiWEbM7j+eChK7/QI2g1J6ZVZc26JYUrY8Di fKppGIRE07MxRxubPlgp+JHYeTsG1YUEn4fUSWIXF05eDDNkZIU= =PW6W -----END PGP SIGNATURE-----