-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-vanilla-14.0-jessie-amd64.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-vanilla-14.0-jessie-amd64.iso
      bb0b03483534ae81c4fe2470963aa04c

    $ sha1sum turnkey-vanilla-14.0-jessie-amd64.iso
      d321587a6083c9db6a5e1344b75aab5e711794b0

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJV7BrrAAoJEIXCXpWhbrlNOB8IAMk0v/Ul2DLmIUTusxb0eDCb
DYegRHOhfKQqgoN6v8rmfqer3N+DFZiKYWvgtA1QyrzPGVdAhnAY9PYeoIwSGdiQ
NJe+Zp6Fc9JQffFpY/SQ+eb/oZNaC8Yc9JYRDtqTO41fsyy9kMKq9pK5CYFOsSyF
RgBzWKkLUSvrZqdFC4HdEYO4sxCDvAx2qp7oyat3Uaho6XgCgzZx0y3Yt0MzpCfN
PvtRv/pbnDMFSSFzs5SRn/oZ2adnowIOVvSUZLEV2iEYNbGu7tAa9r3c3nknUZu6
VRvA4tRP0PDB9kGscjgE7ILa7cQSxCyw6EZd79ZHkpuqAtzTYGQRL6Yx7BLin7Y=
=D2Az
-----END PGP SIGNATURE-----