-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-codeigniter-14.1-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-codeigniter-14.1-jessie-amd64-xen.tar.bz2
      d949dd00aa33144a1ccc5caf9a1a7c08

    $ sha1sum turnkey-codeigniter-14.1-jessie-amd64-xen.tar.bz2
      ebe7605e100ef7de42a329ae3dcc94a782340d5e

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnxAAoJEIXCXpWhbrlN228IAKCilWS6acXpPtZamuS9aC9c
6jxmk0jvwtczF1r0n8/MNqD3G/iimSEN75qIztO5DAWDpcZy6SLKN/SJwT+zFD0e
J1h0/cIJ+uU5VRUULMBXi6z7G88sfVsvNeLhSvXMXML3cDLLDhL0+DP5dLGVZpJ3
UdUgX+ap4o13J+qycyYGOTYk+jT8lHUXXtg7IuIo26+r2yzwZ3rkp2LRV2V5+A4F
XmouW8pvS9JCW2PESVA0NXncm2CowLFnXAdpk247xVA57gulILxdeoZgu9WzhbCA
1ki/HhdKZxMDZLvV6tsUGoXuatiuIgc7/Wc1WDdeQ0w5wPn24YaYofI+ihsZfEY=
=NJVa
-----END PGP SIGNATURE-----