-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/18.x/keys/tkl-bookworm-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-bookworm-images@turnkeylinux.org
      pub   rsa4096 2023-05-22 [SC] [expires: 2043-05-17]
            2614 7592 087C 0EDE 4214  3B63 7761 DEBA BBCF BA7C
      uid           [ unknown] TurnKey GNU/Linux Bookworm Images (GPG signing key for TurnKey Linux Bookworm Images) <release-bookworm-images@turnkeylinux.org>
      sub   rsa4096 2023-05-22 [S] [expires: 2043-05-17]
      
    $ gpg --verify debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID 26147592087C0EDE42143B637761DEBABBCFBA7C
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz
      b4a822cd27876b999b78db03c1af76c3bb48e83c8e6d34d1e05101b3c05e47eb  debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz

    $ sha512sum debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz
      4e834485061a6de0d846abb11e9089e5a2164fa65103ae52e839464f9b4ddb6fde43bad1bffb160f05ee1a3cc6714e67f680a99e77b04a9e1e5e9225fde16bd6  debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz: OK

    $ sha512sum -c debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz.hash
      debian-12-turnkey-domain-controller_18.0-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0achB3UVKiMsY4ckkPLGHN5q3jcFAmandY4ACgkQkPLGHN5q
3jfDzg//bsPlmcLEPryZ++0liCbWMuli/ybkRIYp0cyt8B/2ZUcAh+Q2R5pvzFke
sCCAV/dqlMxUy7/FXttzhtp1fLlfgm18bV+YczraBhCTVtNl6pdSSRA229Wbc7So
Lu4rAKRs9+YAD90UqF0UW/W9TwebzlxpthwxKGX78E7d2yXB4+onl4Ep4zq6Am6X
tW/XpNubNabNNsNueC4tSFoD4iJIy7pxmZ/nfqYdq91Ci0iT7qYK9gtgsIKcG5nn
eY0rjczwkhml+SDAl4Id/Bgz8GQw7j6TJ36nsIYmSM3SqVL9Ti3GaInHBJgm2uDZ
tUocTLAqs0nw0f6VdEDOtamz+CiyzkOscpYvkTn7kOspPLn1Rt1Vfp1z5w5lGP+e
rrC20hSVhs3NLeOSQMiwHeaeWw3nvmTBp6d38+AEKjitxWvyhzemlwEPuWK3mQXq
9YWj8NayKp03EgADG8IZONIfg0JfOYRUX9Q4G0MJOputmmKi6HUJxyeEkjKpjPKX
8V4s54qTzDMiGDbvglQHXvROyprb8p+b2QY4nS1rQ+tQ93bWANob8rSDGs80Zzjo
3BwqV+YS7DkqSyIno26fOAL067Z9pWJQUPGri5orqOUs5Z6oDaTzRYGdSSozs3+d
9SVm9qV+0DIxSYAfDwJ11V5G3oHRF+uXiBHiVqAhIyX0C+7bypY=
=b4LO
-----END PGP SIGNATURE-----