-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bookworm-images@turnkeylinux.org
      pub   rsa4096 2023-05-22 [SC] [expires: 2043-05-17]
            2614 7592 087C 0EDE 4214  3B63 7761 DEBA BBCF BA7C
      uid           [ unknown] TurnKey GNU/Linux Bookworm Images (GPG signing key for TurnKey Linux Bookworm Images) <release-bookworm-images@turnkeylinux.org>
      sub   rsa4096 2023-05-22 [S] [expires: 2043-05-17]
      
    $ gpg --verify debian-12-turnkey-elgg_18.0-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID 26147592087C0EDE42143B637761DEBABBCFBA7C
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-12-turnkey-elgg_18.0-1_amd64.tar.gz
      11a4878683846e2ba31465e3d43deba36097f2b5431652e848f833de19fffd3a  debian-12-turnkey-elgg_18.0-1_amd64.tar.gz

    $ sha512sum debian-12-turnkey-elgg_18.0-1_amd64.tar.gz
      619f03de305e8e3a46e3a5a6de77ff9d4e33843140e8ea0a825418009320c699eefc2674fbf209a5c6d52539b26877473eee5c63aa2f76f4c7bd774adde3abe5  debian-12-turnkey-elgg_18.0-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-12-turnkey-elgg_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-elgg_18.0-1_amd64.tar.gz: OK

    $ sha512sum -c debian-12-turnkey-elgg_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-elgg_18.0-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0achB3UVKiMsY4ckkPLGHN5q3jcFAmX2s+AACgkQkPLGHN5q
3jcuOg/+OiHOvP6V8JgIw7lvKSMWeYpyUaa/PkmW1T8j7KLgbFICoCzpjYOfHLXT
I6jgcdR5W7GYBw0OpsFLGO1TM1q5MRohWWYU8f0yvwgsYo8EtSKg991kXUaozPEp
XnQTz6b6hHu1/xuUPlp9tXMZlC20/gTmKpBxWI3CYbOqAglUjjd1XwqaEsHA+2/H
YCaNyls9O+EDLNaUI6LS5tgn4qOZ+bKluKdeVp06yJR/X6OscEGgPBjF+IfHKFVY
DQyoOtQulMCSwZzRVzUp4fgzDptUAEJTvFrqalxe+qiUlfrLzQF6IhiRhy5Naz3A
t5UqyWddMToV5vHsRi/QPGui/Z9m/Cb8BnuSa/4FMGlkPZDO86Kl2lYyJTOPLUsJ
oacGoc28gVoqu8iwOkIjUFxVVKrloBs8w5hPgnbSz0QouEVpnCXg1nio03Lypv93
kOwzbHkrA4llEgYfChCigQe/HjaI+Bs7mXYlDdArplDHqAfwOkToN0oRudh4aBMN
YsRahqd472Sv5qTBBKFFjbUNBz4UliI/lg2pxNUT5qxhYsfui3n3BqnQZsRP40RM
E7ST6mC3B1H/ZKPxjXr24bBje8aFZeFVYqZAO91SVDsIeZYscDgaklzmVEmkwc0j
9diHctiDlKC0eUfJDL6DfW3eJrHfVsRQf4/0iF4afcV4zl7s96k=
=tRwl
-----END PGP SIGNATURE-----