-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-drupal7_14.1-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-drupal7_14.1-1_amd64.ova
      1c0aa8c2c187f2e35008ffdfefc6d7b3

    $ sha1sum debian-8-turnkey-drupal7_14.1-1_amd64.ova
      ae969e5023e16b4b33eb86bff80403da56a845f5

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnqAAoJEIXCXpWhbrlNwVwIALEi5pvjx4LoUr49CVzTb9SP
wWTET2eghYCaxGAJtFZXoKKi2fH5oIoSwENyoG8hBEj/1c0GBL5iL9BuKIV32cVQ
rqJhHIEkDIOmpBQecitgd32FWb32M2XOKSmQePomoqQike7O7/ZpV9TtOJ1FEP0h
CTrj+2Yr6cdcvOKXtyF8/YSDX/zJ7w5gaQisS99TUX1op6jkaBIF9HM02O4BQPhS
r8KDzLdyT616p5crEvs5Zt8ASHuI3XumoRw3VHDhDbQKFI1nzu1FTCM+9vJDyNP6
PEs+LKLLqWSrmV1RxLsiz4+ULFaC8g5WTLrGwln1Lu8jeBQGKdC4LWRHaiJuPjs=
=2h3h
-----END PGP SIGNATURE-----