-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-phreebooks-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-phreebooks-14.1-jessie-amd64-vmdk.zip
      88c0e61af1be3b0259dbdc76ab0a7f8a

    $ sha1sum turnkey-phreebooks-14.1-jessie-amd64-vmdk.zip
      c05badb5e9bc129c5cbd7d8659be542baf294d06

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn4AAoJEIXCXpWhbrlNyAYIANl54K5frz3yGVAJ0NvsUQ4p
AQsI2WovlgY3cHvuLqkcmO0YFtQHhhmLQ4VWNJHsgQpSqvcl9zKpSRJpPMmH9fSa
SgHmHqDvnNwiSqUstXQ/iXEzLJrZvJeROnPJvG5UqOMr97z19IFaNIa2PXgkNV5B
GQ20/GkEKkVeoW+PQ2H5jwehQyU1I7SIvafLcZn7BpbSQ+ANLf6CzJT4iPp9Jw2D
djfA6vqMvtO+1+q7vX3EmBYD8eYg4SWxJt3nrwcsLyeqmfyFrVLO3LM+6TeZ6x4J
rlZkdP8BymIOblxYCSzC2aser2nuUvjuVLqpCfbSx8tF4WwhvcNpXtKdGlXwnUc=
=lQOR
-----END PGP SIGNATURE-----