-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-leantime_17.2-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-leantime_17.2-1_amd64.tar.gz
      51f96af773c6e5193a9ec73eadec2d28575c19cb0c4d20b6316c5edcb682ab8f  debian-11-turnkey-leantime_17.2-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-leantime_17.2-1_amd64.tar.gz
      b799c51a482dda185a35ad949df88ef2791936b581ea4bf2a3c3e215190c5eee474d7138c6108474e8a5db8c03d71fc55b3957d0ad772e08206383ef559a5d68  debian-11-turnkey-leantime_17.2-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-leantime_17.2-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.2-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-leantime_17.2-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.2-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmOccfwACgkQHkh6RjHW
/rbjDA//aelvmNoTmfsy85nNeXS5nlsilAKC7YWrVc5iu4ILj7O8L3tGlaXz13c1
e2LotUJ2fo2r1YMiZgFxFAe8+blvt0AH6BmrAZQgOscgCDruU4mBbUmc+8sZcIpv
YM71P0J9XWqFBdtxG1zU4RqUUZxz9/JNKMoRrvqKCkGYONoetpXlQzK3nwq4IRLE
OnLbF+5KdR4ArpvTl/IOuRhwlPz6wei1awTAiOj8Eznc/g1cMm66RmPyOEgMuO4K
Zn6nqLNi5x5ImZrfp6hrABZrL9qGBVwNdmm36EuhCA8ALdZ2MktKNBJ5FN0E/G6h
jml1GO4SRnXVHxMDnVGZqb1+Z0ue1NqVaELjMAQgBxwNeAlfSQTXPfBc2wxTlhyn
NgcHlxyXaOkm9ltjAySCAMNJBvR0jI8TLNhFM5QggVcrZQq0C7HB58l0ho29Qg1H
EsGkhLlc4lGwNtoJJVDI0yPMfNFVQKXRTshrLlSMbx06tn/+KTzmZzjdJy6ybCAQ
hrwEyP/UkoHPHCcRfKXHSLj6Uyj3fElUyd4eyriE97D8U4msV3jbRpUefSA2GJ66
+puxkXQ3VZgV0KnigAyTH7NKNLrWInzoN78TiQpGi73H2Q2QGVoph8q3lPndzMTR
AxXU/W/+84ii15kdc4FGwvDGxQlFVMeGMbWlIYqOlfKmf+DbVl0=
=GyR/
-----END PGP SIGNATURE-----