-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-suitecrm-16.1-buster-amd64.ova.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-suitecrm-16.1-buster-amd64.ova
      7a743fad79e89c176d9b24d2f744d3e080f39b33999124aebe37b9251f888008  turnkey-suitecrm-16.1-buster-amd64.ova

    $ sha512sum turnkey-suitecrm-16.1-buster-amd64.ova
      b44ce4ebe2b0a9918f7d2fdbaae9615a371b83e8c6e294145abdb64ce4a3e469f37a0422db991dcdcc1694e5c0678822e692b2f48e68ccd41f0805e171bd2777  turnkey-suitecrm-16.1-buster-amd64.ova

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-suitecrm-16.1-buster-amd64.ova.hash
      turnkey-suitecrm-16.1-buster-amd64.ova: OK

    $ sha512sum -c turnkey-suitecrm-16.1-buster-amd64.ova.hash
      turnkey-suitecrm-16.1-buster-amd64.ova: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmA7b58ACgkQrF6wBJPl
vBxLgg/+NzJ8q+S2/rp2E5WGOSOZuKHReWCRSWPOU6m2Tw8be1OIG7xlTAecxPYZ
7jX9zFWbmCIeeSI5A5juiaTqKGb2S2Fc8EGVNptx43EvULNwo9ie8ExH4/aqYkUY
LyYHwrk5iIkQt69EacaXBu+5ov9g/AcVua/TtBw8vB93r7hF+Q1BegfzVTTuDuGs
Bf3uIjMN70lDOcKBA/4mbRCJwfo3o+kxTWu1hnQyWQwgVBDs5i/ZlJ3rpB06oNP3
BmgkA+AS1/9NEBvnJF3oqXNsGhrVLDClM/SWLCUMLIcoQOjGHiYuPXy0/tv3iAWz
1E+9IrX/hR5B0GBwHXbinTVxPjeSMZtr12c3WiCGdaxGtp68AByCFMFFPNejWoDC
y3O4He0UFwxB9XBFRTNxoftppweNRYlenHhlBreIf1xdwSOAaXJPegdkeXYoXjgG
2nAf6r8aoww0xMTp08zLW8t/VhdnTlZ8WXxs6OHEhM4n/W6EtqjfgZSKkX+L33Gp
62SlxNvZ+smcl1fGLl1F11+zW7CbbB886wJLbaLKp6X15CIW8FmVZFEJiUROjPrT
c26XLAA497o6L9eHTNeqbaMdCAhoMwioEpylg7xftFNIgHmcyeMph2njkbQs0voh
Se3kNvUn5uaDZmlMejrmT02rMSga+iohIzyB6tWxiKjXFDZIW24=
=z2nq
-----END PGP SIGNATURE-----