-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-rails_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-rails_17.1-1_amd64.tar.gz
      f3b20bd09e84e6f53e72e598d032c440bc6beed2b2bf2d15c43902e489e9409b  debian-11-turnkey-rails_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-rails_17.1-1_amd64.tar.gz
      480d2cf41165b600d5e60266b1cb3725c9a3f3845a6a7425201f60d4988d57bb2ffbfad6c9c7c994c5430d54b7e80ed49a38797245fe656452e4a3f2d45738c6  debian-11-turnkey-rails_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-rails_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-rails_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-rails_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-rails_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmQr0eYACgkQHkh6RjHW
/raXHQ/+NuwbTlZ9ZB2A2YPO47pcm09LqD5nnozA2oBweooBCW8aUIdi0BQZycTg
Bal+vIqKY0+jSGVio8L8ETvmd/QTW2Zz29C7xxOnkU4MfttSMAhBtrFSYIHxvfEQ
6/3PaMd0onHT9r9whxN4lHeplheF8aszjQM5RN9tzqrZ4477dktwW50Wocorzp2A
c1vsLK20i9VPC4qjBd6ZDWngLEG0WTcdo6LUsIY7F30ViNPo/2iXhC7ehoBmQ46t
225FVSoyUYBA0shh9pCiPzzvzMg0IAxXnC0hMd9rbOPbrjZq9X7RXHHCSHAyremO
LScGACTW/baisRHQNtXKPFJM1AcmL6UfJkNrxGb2wQyrnWg7S8mMyZ00U2S3P3mr
dJp965MxkjjCoAs68fo4RNso1Cr7uZ1nrsWSWLF/RSL/5NREx2Od1MIMZ2qRKY1Q
2hfQc/ujVBVppXFVzis/CYywUx1CxTWnQbStmitTANCoQiPZCrBWt5+4f+H1GLmV
gaEBIFoYGMzNRxigoN6JuvfeALf1J+uUS77JRv3L78G9acb8lTGtqVfVdHWuBId4
Z2gvghUW7aiCzCSLspkYI+MFiJsbMh6EaR6sq8VLzAb9yepIieSnA0usm+69jUj0
e2NtznZMbRF/k8mIrJNkzpb+srwRrOEsIM9hrrLHVkhNHe3TGLc=
=cF9H
-----END PGP SIGNATURE-----