-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-gallery-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-gallery-14.0-jessie-amd64-xen.tar.bz2
      40b7ed20bee6c1467724cf4b5222ddad

    $ sha1sum turnkey-gallery-14.0-jessie-amd64-xen.tar.bz2
      8f29c1a538990229c23a7506e7b4b2c5a1ea20f4

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiAAAoJEIXCXpWhbrlNLmMIAMiJHo/397rNgFT8b9iqnq5F
/xpTorK7m3h3ICnkYuTZuBSGaLPHW2Cg/stQGGm342X7HSevIjMia3SIjqZpFQOe
NR7uK5UPtuUctHfiuiqc0X3+P0al0YPuTz6KmdViOBf4KDknfgaSzhcAQIAtOBq5
5X5Tp4uLRAPSU+4qJ+3JXCj6GC+B7igKXVsfGLe1iRf0Vy87v3hkhA4kBYV/Dw+O
TbEn+yCe7DJGea9fhEVbYmeyg07tq3grpz88D0cxCojwFg9jsN7IELg8UsMGONoh
rYQdhuwB6QxCizIG1isNAppMS9qr4q7Y1lsSkzIIs6tuNYU4EjmN0xIMsDt1cd8=
=sPER
-----END PGP SIGNATURE-----