-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-mantis-16.1-buster-amd64.iso.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-mantis-16.1-buster-amd64.iso
      a497721c2b446ec1a15b0d8e76c23eefc255d53055a4c1c39b0dea05eaed3ba7  turnkey-mantis-16.1-buster-amd64.iso

    $ sha512sum turnkey-mantis-16.1-buster-amd64.iso
      b583d2593767d1c8a7f42055f17c542b1d348a5d08f3b7e559b0f2fdec91bab71e6af6622fa73390d554ecbcc9d47daff10996da422921aa34cf52f1635a6b5e  turnkey-mantis-16.1-buster-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-mantis-16.1-buster-amd64.iso.hash
      turnkey-mantis-16.1-buster-amd64.iso: OK

    $ sha512sum -c turnkey-mantis-16.1-buster-amd64.iso.hash
      turnkey-mantis-16.1-buster-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmA7b50ACgkQrF6wBJPl
vBwaXhAAxIp3Zr4zvYhIF1+OAzKJsMH0jDYK0G9UJyQWdWiQUks04iDq6nvakCKA
+tMWT7sRc4JYGYeEnb0qtp2MWoUhPWEuPwAD/PxOeJ1khTD9BEJRnAQZuLXUgiJo
zn7Ite3WMd2fy4JE+hAW8Zgmrz5IErB4LspVEOezAr3Jfup/lTQGmr6XAU1rEmrO
iznIBS+39heIrFO3uGVD+4u7PtO/yHYpY+02nRIEEYWx1grThF9L5nbXL3OUY9qG
aVDutmpcDfJ7cJ5AVWxfp8rU5FvMeEvauCV4x+c2kpEWlCoA0XNEn2Fdp/PAq2rO
gLa169UtRJ34ZTCHmwjn7tY0jiX/rpCeLpDDmFXc6YqdnzJGer3Pn2QluxG0TdvW
gYDsi6kh61dwAyDUXRBHdiMVS4h3EdAFxuX73ILyOCS8ZDTYnCHpMTFLdIgIupIK
i+q5/287DTs+QyqY7g+drs8jdAWOvGV8zjSvZhZGqRwUgK0eFRyVChw6hv6VilAV
JCGcaFd5Osazu8ag4ACdOz5Eh5Hw3xS33Sjwmc6w51P5NpFO4Wn4WFr9Sei02zk1
F10ndtmaqV+c0WKHuA4i19dQ4vuRo1FPCzwlRLZ/wl21dCgeF7x59wPum7pT+VMG
rIX0YnJ0JHF+U3iQHpICJ2JmJ9SEa8awYRgs+UY81X7IzmJgHo4=
=U5xa
-----END PGP SIGNATURE-----