-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-gitlab-14.1-jessie-amd64.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-gitlab-14.1-jessie-amd64.iso
      568e4e97afece61d0b19341f6a4afb9f

    $ sha1sum turnkey-gitlab-14.1-jessie-amd64.iso
      ba4bd36d93b4debafa72496bf0c05ab6984a1a09

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXRb5nAAoJEIXCXpWhbrlNB3kH/1SiPzDLtrWWtkbByLVd7bKm
49DLNbjb4Yrf8EUfJozgMuVRmkkAvT09ZK4x9wdu0h/fHtfT6F7drRnsndL1zv2I
zxScGH+wMX4RdLIjroLxnSR7n2S2Rc32D44O8/FLnLU2X4fi+6pIA39tg+0M2n1t
zxn1Gnb4fC4NIri23RcDRzcUmGMuU1WM3F0FLKZ/sOpbaGgPpsQphsI0QpcG7rqz
F+Wv8sMQfeluCKYoQqcjuZDEAIeqF8TyZt9D2ajE7iB3DI3DrD7odRulu8PU7zdX
SCWNrpvQ6J3Zes9q8kmoesHwjvt9Mn0AWO7cEmA30ytk6U1NYWWuUIZM30YGSbs=
=/Fz0
-----END PGP SIGNATURE-----