-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-core-14.1-jessie-i386.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-core-14.1-jessie-i386.iso
      abe4838eee9fa5a0300a851eec5d109c

    $ sha1sum turnkey-core-14.1-jessie-i386.iso
      c84a8399a044a76213c72169afff1cabe50beaf4

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXCkPxAAoJEIXCXpWhbrlNSSgIANHnti8FiNjxR7xJi01FtCeh
fSCsySe2YKuIb5KWtkmkjHZ09uYALXjkW9rkyQNGKfztVR1D2DxYDqvMdpPuhLP2
efHMo48rXDoS09vw2xphP7C9vqtf+lfvUY82tnhaj0IJ2j6ueNysaAmVpq11TQFv
ZqzTFh7SA6UrHBrd5PVmzW/vKsCkh0q6P0MwQ8s1Vwk1EQhJ3UfUdz9Ha2AIOZyI
Zq2DO2SaksXXgAMFI2fkOfuXp101EmVXFHKsipzFc5xs5JeR1scigW5uCo/UDEg7
/wW4dEshgb7jW6GG7xxGBjy/MafQRAFT7cPYFfdazdJl4G2+khL6dk89SLsyGHU=
=5Lu5
-----END PGP SIGNATURE-----