-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-mantis_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-mantis_17.1-1_amd64.tar.gz
      9b74c303572d6a43a6cac89def245d44ef762fbefbd514b4b75d9f60e5d83442  debian-11-turnkey-mantis_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-mantis_17.1-1_amd64.tar.gz
      20c127fde75f7f096dcd15b801ab8acb466e42b7dd1ca8469befd57b2c87323141a09c7e153a6ad500fd0aa2699b07205e24c89e79ee78c1b34e076175794966  debian-11-turnkey-mantis_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-mantis_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-mantis_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-mantis_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-mantis_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTUACgkQHkh6RjHW
/rbe3g/8CwByJkmoIUHQwD+ohyroAvcxdmRwOvk28Nqkhqq/LC9sxG4EOWwncxvf
q+MZ2AOGWMNCc+c8Kv15V5Nau4A//QHR8kRmqtFl+cyUwrfcASS7BM831lEdYXfU
wjzKgnPatKsM6wXDofCxqgiritEn2/EdyWCB5GjHtVgcTwvZOi+Jekvlfgv6YDyK
Q1gK4XNiDO4XW0CS/agOTodT7qeob2zGewS83Kggp1/7yY0yHqnFDJA12I6ZVcvZ
Fa2SqkwplcRyZbntajtXMFUGMPOKSgSobxrg+tyHH72aUaJomwRlxXsn24wjYDQp
uKSMjg7dv3OlPAgm22vBxNatlPlQF31/M1iWoyAMbgh0PpEtZfExE9blvcAbN341
0sIdBGYZjgAeOds8jvKfmJjwDVAs7DSoYil7hEeDGKE5goXKpbhe5QMVj6/3eMG/
evJEQ7P8U3DwIAdI5rxof7N5svf9bvPZvqNshC4DJhDNcXnNiGPNC+Sr6L4zbpTf
XmyHXpdYCBS/2lh/tpnvwAfGbRGrTrmsUNm/57rL5cugL2Y6WA3xeSEYI1/Dkx27
jOgKZ5dGT3NcPFooiscxOT4xuCO1SkC+fuyUXa4n8xxhC3H/B9q9UBh11w6aRy16
cXSgaRaabKBYcuUir8SRbdHntkaVu8Elb+wjcZHe/4b+DLPtGwk=
=b6pV
-----END PGP SIGNATURE-----