-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-e107-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-e107-14.0-jessie-amd64-vmdk.zip
      b125af4c6800a77eea66be9ab0d31914

    $ sha1sum turnkey-e107-14.0-jessie-amd64-vmdk.zip
      56dce6ee95df792d23285cf6c2cc653d4e6a9609

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdWAAoJEIXCXpWhbrlNojMIALOyoCLB711344l498j0YRvj
Mazo2XGv6WF4ko+Ba/b8EOdgJ71/P78RErDCOVh25hN96n/EKdDvOEK2Eml+kZ3f
reGdJ9x6jib7+xupxWGX8VAGSPyEZWPsODOBeLMgK84zbUyRMtwwbSNNabsh3iHj
1UHqVh1Tq1RkxxkdqSwRvzBXWn9DES6aurmC7yHV9LI+pWIuLOlwvzVm9FRa7O9B
esQv3qokbf+AJqM1dph9pbW18n0n6E0ePFzHKcsB6BvwIoTw6bUnqTApCteFR7n7
EfFy0rVv8Wlfk+XyB+WdXMEPluNF9BPOjYb21/E7eCu4Y+57x3pV0IkSr/8W29Q=
=rPL5
-----END PGP SIGNATURE-----