-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-e107-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-e107-14.1-jessie-amd64-vmdk.zip
      7212ba876f2a2a74cbcd55e6335e89dc

    $ sha1sum turnkey-e107-14.1-jessie-amd64-vmdk.zip
      92bd9346a5480732765c926c5a0ef9ddb244fbdf

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnyAAoJEIXCXpWhbrlNFq8IANNu5zQyRnA2Q3O0DelC/yzj
2En+cU7Dw3EQiH6GtLwAnwCUZItPqMQA7fPHTk4vipR59CeRkwZI1MnEuR777KcD
E446Lc2u1ohlnBthahkdwIrmwmWoMqlyGoJ5MBk4SqeQ/ACQ5JRp9D7Cg8C+iO6B
F1kVGhMHFIzfqx3oACkIDLAsS5WPRI5ketknzaeX/Afkz1FwVV4u8a1T92dm3aaP
2Qtrz6nwCnSrd3BLBOA5HwzxltpVYVgBgLLFLiCNybo/jolJbw5SpHWnYLI/DRPo
4r8WlURGU0EFF9zQlwo7iTxBhWLeIyIUFYQB7tT/d2PvVof+/91TuUKbUdBYq/Q=
=4AGu
-----END PGP SIGNATURE-----