-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-gallery_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-gallery_14.0-1_amd64.ova
      a4eb91fcd29f37d28357f7741aff092c

    $ sha1sum debian-8-turnkey-gallery_14.0-1_amd64.ova
      028117163c3f94463831de298fa459d6eabecae7

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxSAAoJEIXCXpWhbrlNbAIH/1vqGMA0DH05EXothFh5IExF
PjzBAPtHLJMNuSIXEX/W4BKvpV7GHSMq8Q/q74OdUlX5fKrQyBeicpdcTMZOJHJp
q3anFsiTKIh9za0lh+2V9CSQQkzBUvHEL7uPE4OmOCMl/kAlvkTy3lpkbZrGTNJh
Fzei3uLUBsdN0GnB6/hI0t3VwewfmxkfQFF3eIybZH50JhUto69V69AVRS6JEb+/
KdwQ1hTrevGBLeC5EY933lkXbfRB1id2M6V1YFjUK5Bx7wK1KyVer4BPf+UIKo2M
C434xn3qOH44y/KKChHBdA2Vjlev1j7DX/I7rxsRA6KioYCPZgOFJfcAQmqOqkk=
=h39F
-----END PGP SIGNATURE-----