-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip
      f484c0384fe524f74ea2043802c97a531aa60ed1c3ddfd30b26c232790c7bd44  turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip

    $ sha512sum turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip
      4839162fc65ac55baaac97c8ae4ba9d87e50a2069b8bd15c5e6ed0b103691b8d650809d92aefd74808f739f8e09422a093dc00703346bef64dd9459045636e7c  turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip.hash
      turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip: OK

    $ sha512sum -c turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip.hash
      turnkey-faveo-helpdesk-16.1-buster-amd64-vmdk.zip: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmCOURYACgkQrF6wBJPl
vBxLWA//UPM6K7Ti1iLGtkJty0zxKj9wqWnzOIdvXE12S2FSlVy0XIaPq72eYg+G
UoiFAmL6c0whT3k6rzf0YhZY0lezhnoDkUwrBXdEk59w6MLuv5hzQZ0lRVPyDTqS
dFZWYS5y2Z5UbNLGhSshEH9h6tjUuclMTBE5oCryD1a339+P/RjIKj6CI58yb4Xp
nEyJBYJL3ZKkfx9IgGoGbC6scz7TfX72ZfZYeU/mfjV/KGbuTQ6WRXN2Ww9GvAmm
bdOOhDYxIx07cSXMW/7Cyahh3GNqLDDKsfj8bCiWAkw8QpR7TKM7eRe1b96NYVVc
Cb7w2Ro2exWAbGUwk+IVOO57XzVx0TJ3qUAx+xHZjRIiINftV61tO6HRFqcjoYSp
kPU6OwbI9OIb1kKYJjzM19yCqh6bmU3LFz+muLEQEek5auDWt6zJgrdroQ83hV2V
bQ6XpFyAZGe2Aml4ekL3JopHh1b2CClC4CwcdCTAol5de2Ug2W10/VnTQOYZr1cR
qzj8liX+Uc2pu5b7FhUi+P1zv1ujukdFgta3VdDoZcJSTeFbpS96Af5A12909O7y
fqtz1NTWZgfzPLRw3Bc6hL7EFcmAtRH4sal0ipHnMhFNeMMEjRyzuPOTSzJhJ3p+
upw555TPJ5Exo9jN8WqOPoAwj8ZoKlJ3NI3DS8RMe3P3oes9wSk=
=yO/J
-----END PGP SIGNATURE-----