-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-fileserver-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-fileserver-14.1-jessie-amd64-vmdk.zip
      6818f03e2328f5a2bf39fa57d8c231d7

    $ sha1sum turnkey-fileserver-14.1-jessie-amd64-vmdk.zip
      438e35ee878d1aad5d4df70a79e97918b1fd34e6

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnzAAoJEIXCXpWhbrlNDRMH/1kKIaA7uQ5Tm8yTpFJNooJP
0GB7NgfcjxQu0X/9+fP88SRRct0Kq6ajdoSimSfOcbjKb7c4pC0RePD5hAM7m2dB
iBx9Q2WyQBrKS6v234sjVcw8/clF7dJeQp0GPAUeAgP3Nay9u2mqn11ZtvWEXkO6
3JsmD/9fDQgloPqhMbxxsLJa5hj/KH41iuZ5Hh/xHofK/gD+YHPN28KhJiQxlG69
/w1kw57gX7yr9iRU9YYmj+iNXjmbJ9vsxN2eRZd4+tqJVjkenlZxtMoYOba8NbAI
qiVrNUPRBViZVd4a6STf1WeQyP0eAZ15vuNDzlYr+Zl1kTttjkj1+SLLmSWQPh8=
=KNG1
-----END PGP SIGNATURE-----