-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz
      53a9f6061bed9fad606e7b5b8f2cd1fb2f9b10fe493f4aa7d42741f637d47c77  debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz
      32f4928f1673f973e610e3ae0eba3f4f77268cc72c60c57f7ed7948d83fc82718091d51d27b65c0334ab6f67f2b095008ab68a346a278b8a34dea7bfeaabf215  debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-icescrum_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTQACgkQHkh6RjHW
/rbRvg//dcof2teJoTpr28LCQM8aftbQYR6IOsyy0HUuLqzY1Mla9o/L5Js7rl+S
w8JZ6yRLNta/DxxgXGbfLuyE8JUDdUk237Elgtald5MBF8HburpDohLv3ETAuQAy
jA+ozpcidWFhr9+2Wp8rGK+PpUMj8seTTtxylk3jri7aV8XFXJtcNssZ65vUiTtR
E0PTTiHcszsL882UPSWJ2qCKJs+ahuMvLxyrTAzOXRoDkXS/Q4HSbO7zDbooutpD
l2mEuJVMLFTLb5Tk1mauy4fKufJh2Qbwh3170fk1cMMPHg/gAh2iYfpwn83M3lRv
QavGMIqySuL07Fsh3V7WmtqgCgpJEVukbtMchqNzprd0oJNhCjtRDPrmFUjx3ati
IVjMjHL/+H0fI/vSAjmn8BydHE2DGP19UA7knB7+E3kc/iKQkuZjVkzvHo9BQJ7H
IZl4kGX2jc8kSh1W/y3i3l+L4TuzfQzU4ey9hguNarqL6KbW0xwK6iFcSzhSm5fj
nE18w9EtOG8qufpga6ZZ6ePCHVffexGSpc1prS3Xmu/V9XEf+8ZnZuAJqMHpMZ9g
EUrM3c8Hy8bpfLnqcx8jtvJgRT5oYMOSt/XMf3JfyoA405cd7W+o5hNyZ4luWIuK
IiNhZOihj6uXf9IDLGzCJEfuFQDDS/yZX5/rBiVlnKiJ4+LIlNI=
=X3+O
-----END PGP SIGNATURE-----