-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-django_14.1-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-django_14.1-1_amd64.ova
      f9dc3cb2db480f73bc296ab2c84253e8

    $ sha1sum debian-8-turnkey-django_14.1-1_amd64.ova
      a2ae8c25380a2c4faf20f9e24397ca6660cbdabe

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnqAAoJEIXCXpWhbrlNEJUH/0HG5Y5J/95gVGeRf2g2muww
oSIHM9KkrJnPvn4dOpuinQ2/KnfyZsfO4HQ76T8Lxf+zQR3FL4bmJeyQlI2UuRy0
h1jSQ85EKCBbjhG9XSSH4/CSJjhAezFQxCmUUaMAIQQMU3ni+Xzq3fB5ouIdKM+l
KrD9sGuCAWEiN4/bLBEG1hSXAVeWiAWz3AqBlkOFIyQdI4AEp3oGL6daRaf3QfDW
7rTNVAEyWk6eDWti/I6mlAf5YiSm4QLOddAUjnMOsXzVxSEnUqNbukhKb6YWf932
BYtvhCuR2SkAkVZu7OpnPkQRuAKGfuB4wpv0KWDb9eTF0XSABGSoCg/URxCSuKQ=
=u58N
-----END PGP SIGNATURE-----