-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-ezpublish_14.1-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-ezpublish_14.1-1_amd64.ova
      756a897bf6b4a1efa7666c8dd32f0179

    $ sha1sum debian-8-turnkey-ezpublish_14.1-1_amd64.ova
      c3f9d5d1e8a1c5e911b28d5b0639f33bbc6376f0

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnqAAoJEIXCXpWhbrlNoBgH/0HGiWoeCee9Y6OgHZI+macA
5C0sC71xTKih8RSERX1+93AooISN2PRzLlYren/sx0yF+td+l7t08Ui7cmgI7YK7
YRuOcYe56f9yzf3F396hWwqUzjxRGJyfRq+MrV6TYettqlPmnIxe2vtKDS7R8jHk
PIwjo2Z4Zze+Gc0yZhRkLhNfJCW9xmFVd0/4o5dsEDiJrUl6cmXEHD5X6e+gFNd9
ZY+QrEryQepYzIla5cbq5IsPJHZTdqVd23WD9JScMmZnmx7Thy8X0o0i5fJolUyQ
kdMNUWPeoI0BWwoyjfRxyCkPJpItqqyIssOS8SJRnLCI9Tm2TR3HvH4Ex7UqpDg=
=ZPc2
-----END PGP SIGNATURE-----