-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-collabtive-16.0-buster-amd64.iso.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-collabtive-16.0-buster-amd64.iso
      ac9e9d3e2435e244e1c20322cf552621eff04071aa864028d53cd7a8415d5f87  turnkey-collabtive-16.0-buster-amd64.iso

    $ sha512sum turnkey-collabtive-16.0-buster-amd64.iso
      a190006d863aae12fe445baa20c0fcc977035f0fca181a03a0d6cafc1903e060a0c76ca6c8587bdfce3c6d22b6c4179bed39e720c8b79922f9d00b2bf0733b2b  turnkey-collabtive-16.0-buster-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-collabtive-16.0-buster-amd64.iso.hash
      turnkey-collabtive-16.0-buster-amd64.iso: OK

    $ sha512sum -c turnkey-collabtive-16.0-buster-amd64.iso.hash
      turnkey-collabtive-16.0-buster-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAl7co0YACgkQrF6wBJPl
vBxdxhAAx3XrcZEBsNxocYFasHBpu+Du7+JnXJ0glJS3eQrfvglZdoc5p3wzvll7
qlG/8Qs9xS3H0NKnWhWSmedG6MAPLw9sKdeaq1sbZy2Ugpmuj4C7zNfTIcEwTd60
DdbFDFSd/ijKJdjM6dzz04CKAjnmbEa7i70phzl1egTGN90BjMMEUhV1dbJxnqcj
ZqKvqFGfdEclVZ4moH3+FYI1eMsF49vOJBYj5zXOpnu7DI8lIP2AcCNLYVXLz3Ij
DXRwWj3Q8Fdeuanprxl7sgCkLgLg1C3m5snl8/QD6kNYxnMv5hMtb898LcaJurig
D8HT8wUYREdg+YSQuNpbaBAkn8rvg4FfUPWmk1MUVsFQtI+Pa4Krtd6CbQuKf6SW
WL+V5jh3SpJ7ALbSAWjmNGMJuneleijdPvHu+RL9KoAewLCpZy3ONcdZlek+ki8c
a5k2lSo6N+Ol0Uh8GL6RtVFxGsrOQzypnVPAnvfuylNX1GbJPvFbhvHnPOQQ4vOH
T09vV9UbzvLoykIlsbygLgj3sp5T1TlqBy91e6WvVgOhi+A6R1BW0hEOYm/RRpbt
OXGlfZdaMSU1adINO9FyN1n1JDlC/m+p4OcQIqbQXDx5AbCK/ZxsGXRHgnqTCC5n
Iu4bHYGZIbIWcT+C/Tp7r+lavkdkXPsnNByI9LUhnFsDafwwBnE=
=08/F
-----END PGP SIGNATURE-----