-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-typo3-16.1-buster-amd64.iso.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-typo3-16.1-buster-amd64.iso
      92212f16eb669b95333f56ead75eefc07a2dd8264261979e23827d9516b85b7e  turnkey-typo3-16.1-buster-amd64.iso

    $ sha512sum turnkey-typo3-16.1-buster-amd64.iso
      7f6d4c22a9bb349513c4023617b375215eeed312063e041d13754cebf6166165374ff3e9991cbc6076cad58321916898bb858f0857e399f0dc8a4634cfeee56b  turnkey-typo3-16.1-buster-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-typo3-16.1-buster-amd64.iso.hash
      turnkey-typo3-16.1-buster-amd64.iso: OK

    $ sha512sum -c turnkey-typo3-16.1-buster-amd64.iso.hash
      turnkey-typo3-16.1-buster-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmBh2OIACgkQrF6wBJPl
vBz7FhAAzSJ49qpb7OQgUQa5CgF/ZTRLx8K8g9cMA258HVe6UsXTecrlduNZh+9H
/I8k3Oo4QM+Hm7rFWYjLXWB0Uzywm+gpjYeIO0P2AWIzoiXv8yBy7fVRPxPXV4l9
I41rsOiJ828sZhPstVf9ykZ+omSyQ5xU5LAluM2azH4S7bKSandI2vpsFRtGPPRK
8yRWVutg8ZnXuE/+kYyOwxIKIjvndN133WtW0DKAZr7QAXm7Y6TM2iO0eEWBPKrJ
lf/96g3qSH6RpGX7PF1HWqLwUDPP6AKbiLV3FvyXzDmIiVTINjdeT8Q1+6UDVy9j
rssruBPmMPUanWP3991vKbR4v9fQQNWpDP6Ay72pLzxKNXdYyNFZspFHLRWzA0W7
vI22JYMlt7XLHPM0KoHb275S2QQkaiAOJzt+pecWolmOCFKtRUtP9hwPwNE/CB7K
eqbyjtg3Ppzg0CEX1F8IalV6IBbZ984eVov5AeBYEm/Dbq8r+urWhBzBWQcIX8il
lovrhGRkUr+pnPsq66prVX/87Z+h7dN7xZ0CIbpqZBKDDGciCMoBvU9db7Mp4Qvj
wLuRipJD8JknEvnoOsbeP9dCIWjdK1Vr5vhsSVZAfDYX+8kSzaifoVUluIN8pgYF
4yTETPwmaBrYoaKhgyHhoQ+YUXkU9iOAnYour3A6H7chyFHIg98=
=SqXn
-----END PGP SIGNATURE-----