-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify turnkey-tracks-17.1-bullseye-amd64.iso.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum turnkey-tracks-17.1-bullseye-amd64.iso e1d505ba152d79e2b593ebce8e518fa9e8656e678ee0a2627df82a58bc8bbe8a turnkey-tracks-17.1-bullseye-amd64.iso $ sha512sum turnkey-tracks-17.1-bullseye-amd64.iso 1bd87ee98b7d0145222ddd8e0ddd90ea0c80582d88318c71fd6bd05dbf8537a5f082b86f115bbc9e6f3b29363b5aa3b8c25d5aa5a0d98ff9ae10dfc0571fbc37 turnkey-tracks-17.1-bullseye-amd64.iso Note, you can compare hashes automatically:: $ sha256sum -c turnkey-tracks-17.1-bullseye-amd64.iso.hash turnkey-tracks-17.1-bullseye-amd64.iso: OK $ sha512sum -c turnkey-tracks-17.1-bullseye-amd64.iso.hash turnkey-tracks-17.1-bullseye-amd64.iso: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmQEVSQACgkQHkh6RjHW /raxHQ/+Owxd6KgbeuBQ77hZmz+wzd8rxXLtvvwyjwWFxuhLMqBQNuDXDLjBn/at Clw6O99m0db82jWfFPnaHGtQRdicnOE0YTRy/ps2CReRh5+NkTVfqNRNLXZ+Dt3X rtP8Op03ULWT+qJQdukv07tc0FZ9yIWg+0YwRf3etw238/ChwGzsXmwbBpTDC+bw tfIwH83TUSpf1xX9Rnz9KGBF8lF+b8yRPg5ZGUMxslDufalH+iNYPeycvBseyKoM BuMcf3igGdCjxdk9xQdr7T0x1uW2A9Qv7wKT6c3B6l08s1yYQxr9MUf73c6ErS0r 7jM8r1s4QH/IMp4K7p3GHMfqpQC7lIQgELXUUxVjJhp4k0ufXK90OAeQAVt0d9G8 sqtFwU2eP6sp+J+4n1aHa0UGc6eAIwmsDe+yMFcpRtqV3GN+bpFeWe5+jy/8JZUl wPh/fiTZIU+c+rovGkYs14BeauAvlmByY2ocUpAM7xhK2kEkTProUX3kEXpIuqJe wTmv6dM9GjURAdoLT1+PVF+PPboi5vjHjkCjqTFCqTA6cWDkEZ4K7hLQpFz1X4bh Kmmq+aTMd4wA+xGuU2Yp1k+wXr4rmeKAkEipC9AJpXw2/FJakhctVLGbzoNEijBt n1J2FwBf/MLN5Ovr6N3gcIckSJc+9DO+AplzsTXhNLIsWZTHPdE= =RLZq -----END PGP SIGNATURE-----