-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz
      d7be666c83599abec0b16e6609240ffa851b51defaf955f54b2c2139a6efdda8  debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz
      e06afde79b61dbda7afa091844f53a3199071af60c07fc5b6f8ea5ef997fe72099342119452478d07092f971a42479dd535fda420602c690ffd6156387df610f  debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-gitlab_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmQr0eUACgkQHkh6RjHW
/raS4hAAqXgtf4BdWu0OkAqsjyQDWQIGbanhto9l8ZTbKaaWGJwg3f3rZRcJInEQ
z8bsnEUd0EdSjX6Z9jj/bFu1kikemes6wNHOkjczEnAGgi8LI7JG7OXBkH5iLCH7
2qGYQeJsH1Lr4/ACzkIHiA4QwIbS6OK/ZI0nlZWe9F+tyqHjzT6xDxg1n+96e4HF
WzJuFWWxglfMMZjjLRl+R6GXMHpw7AVTTsA0GsEwRFUH3DghqoKUf+6CfMlaSEzk
nvj/Qcpo6sPPEGXwLJVTHKm4daJCHhd7DumE4Su/GYj4ZgRCq/6I5n0fbKQOjZD8
XTMm+T0mrdYhEW1XKBYZn9LmVWuNpm3Gtur6J6ncO2bbVori2ofQUVozlGhIFAqL
5JN5m4h+e2HhjMFrYCbesIaX5NGM3Yt8yzYAyfcbNagsf+jkj5CtIdiGUsmwOnCO
bnC6CLDKVJpxVFt9TOeh0tuFmLTvkzwRmfKtg0Jyjzyp9F2491oah9wn5CWdcljL
L62XTOl/emZfZVFnKItuU0LAXgTkJCjkkeHovEr63sPrQiMuM7zqik0ldVU9pzsf
vsb/vhmuv4qErhbET46Votav4PxanqedzolZH27QuxZ5Yd6aHXAKhHj6cUMQ+cCN
2LnjpElHITgipPVuJ2cVaC4pHekbWy1f1LM5tZCamYxUdhuVOIY=
=SIes
-----END PGP SIGNATURE-----