-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-rails-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-rails-14.0-jessie-amd64-vmdk.zip
      caaccff545e8d25a6f83d9c2b506ebdc

    $ sha1sum turnkey-rails-14.0-jessie-amd64-vmdk.zip
      308b29cad96f766fbee0f97b6ef892f3d7e5b468

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdZAAoJEIXCXpWhbrlN/A4H/37IVdVOkzupJqe54NvDSp88
Dd4J6pf3I4bH4e7N4xFsxeN9g9okGjVgkhdbaqpkFNtxXt3T05NPUIJ1bi3GtwO/
p5RJZh/Rei0yYtE8RRHRTtlbo6uAcYS1lz+LIIx2jJzs5epORmGspIzza7v7FAk0
Ei2l+HAiRVwOXCruGfkbFDkDjFZbmZx5c1wnOTwIHsayy69CMDnFeWsu67t2m7Ps
07FnUf+v3I10cSvbDfAs6uVmx/Gz0ay2h+01xQ4QtANkz4/LB743UCZNMlhRUEEK
d+mmoXj+n/AyCMjXVi6FVS35p1jHeaIM6222D2+uvqXPI3Q+KwdAdSs1IW04MHc=
=W+d5
-----END PGP SIGNATURE-----