-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-elgg-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-elgg-14.1-jessie-amd64-vmdk.zip
      d77f6c08b307b4df887129f18849d3ce

    $ sha1sum turnkey-elgg-14.1-jessie-amd64-vmdk.zip
      8f61dac22bd2f21a6ff5b690eee6b8bd14e42849

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnyAAoJEIXCXpWhbrlNlbQIAIiSpq+y5ygzVpAuqBVF2N8i
Dw65MoIsehfdRsazCsMyVOrjctyLPHbbTG0gHPLRPz8fjCe1ls7hdbnZrEEATXT5
TWYlV2ozIH+DaxPfktrYn0U8RlXLeVn6oHcbgc5gm1/Zf5j4XtQh6bGsGjZEvMOx
662CnQ2IglxjzzUEVr7YmkCxuj29fpXm3rEpiA4dB2TIK1W8P5GGlvb+w8BeYMf2
dd7QZVDnM/+0cZ1xwf9pMdNfrhA22jS2sztAlYTSteupm7tLEXkHTtMB4gZ+Ho5B
gLuvO0vw8c3UmqHobSLbugqGP7slbTQzPGQNC73Owtd78MeY2RL7O08AdYX+CtM=
=82Uy
-----END PGP SIGNATURE-----