-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-vanilla-14.1-jessie-amd64.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-vanilla-14.1-jessie-amd64.iso
      70da344cc69f6daf0fc668462dd0f839

    $ sha1sum turnkey-vanilla-14.1-jessie-amd64.iso
      952dc7e5dffa014bf24f381f379b6d448341b601

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXCkP1AAoJEIXCXpWhbrlNhCoIAJgjQqBhZNydZM1kcvam+4Kw
fvqkM4VI84eevP77k7+WwQOoG4IFhKG2MjBOpfudTGXGN5XjZwNZviwaR0SdjYmL
05CgHP4fOwscg56ZQxEkSLqJdizqGrPa9oAjnmRoBx1Yva6KOJX7WkE9EUqxPw7C
QKsb0B+sSn8q38W1Jf66XDTFxVqpf9jj/AybbY2RKoTkWULhkI6avNdnGe32mWN1
L50ZzCVgwWuLrEAgwGpF4BXVOoXRos2R1Uxsc4gv3Tg8FXtH2ocYFWRlsqUEPyZI
NAjwHs6Vu4zTCcnSqp6hIQuHPeK7Eu3lxNZeyRClkJbopU2mjPXLia+jQUpHSSw=
=id0u
-----END PGP SIGNATURE-----