-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz 3d799fd25369d7733c240b17763b5a72643bae746bb5b8d1c4702a62c69e0da9 debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz $ sha512sum debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz edca19d99e516cbd83db8036f2a9dbeef1e63c34ae955735d0911e71f289b91931426079e5e2564cc4594d2b73b8809c7ddcf67659b464c27aa0f14d06c26e88 debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz Note, you can compare hashes automatically:: $ sha256sum -c debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz.hash debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz: OK $ sha512sum -c debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz.hash debian-11-turnkey-openvpn_17.1-1_amd64.tar.gz: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmNx+zMACgkQHkh6RjHW /rZdbxAAoaEvnc8O9gSOh5HPjjBzpIAY6Avaz81hHRYnAIyE5G4kSeG82q5YIAQD Etv86GgLz51o2Y43F0OlOW1DtNSdkTv+eFQbKbRLMCUTzJO94R6cT9bpxGhtnbaw hGepU5ay9IOApuwwT56mtP/AL3MsBI+oCCYnecGgt14TTWkmFm01IAv1J1HU0UHQ Bj3BHUarCurK1ABeqeJ+nrTSta4r7k3pXpz+od3LuoFqkI37S7MxoRAdkHXY2bdA 2gx0oUn4W/QXDmcbrtUvRwqW9Dqc6uWNNJ7PZiLYaH5HK0JurK42ssFGLSOQDble 8q3FPi9iHmm9G0BLlQ/PAfFcS3IhnsnAUDrMoflKC+tKhN4JGCZHjQePW+lSZO3x 6QOsFKHBEZ1c/iUCC6Jz6zYn0SrQP/4Fg3Ac1ErIiI7YRW1n72y4ij6Kfn4BE3GD v6JMUApf/soB4mGj8b/t6dTFeCXLb/x79A/8eD9s0g1e3jMmWCHpN8Gl2qvO+OG7 Q78hjYZ4oZ6/IicEz/zJ+tgwik/27bPdIC/riEgbT9e7aJJoqg7UCSMJXCyKt5TT BjCwwazNV7hql9GnALH3+SwyrYuh9FSLLNNetPeJGjoFYw/wZHw0qSnHflQ9Rvoi D1QbogHjDtpqeoQo3GuxG2M8go0Jv3d0eEQYMLjkc0LHOKrjNOM= =wNMQ -----END PGP SIGNATURE-----