-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-mattermost-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-mattermost-14.1-jessie-amd64-vmdk.zip
      72aa793929e9841940fde9c305861a4f

    $ sha1sum turnkey-mattermost-14.1-jessie-amd64-vmdk.zip
      1b43b5b1f303a16f62fd6211fdd0ed540105604b

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXRb5nAAoJEIXCXpWhbrlNzjYIAMH8hPmWZq5nVEQNB3Sn2Sj1
4ZQUK9H8NcOtczuJVafkZ0d1B8/qfgnpk5FKPyk1iwYt5akYpwYViiO6Nz1WczDS
Qy1RtYCDKVCDDbqywdCntk08KtX/RAsSb5q9wh0rULfOZjYDzh3sgly4TCEDu1Dd
V3P9ucKp9l7r0z6l3Ila/KdHXUtw5i09bcbtkWtbw3kPWK/1H60GKilq0QJ+74a6
RfkLq4yyUvNAOnRfUPZApMw3rab/me2H+FEcZTZLftKSA+dRT5BpowOiip8dW9cc
Ts+id3nBW5+awXCGjqozeClzShug/KgGEIdcdr+dNwwekYxSE4GbohQxmtYxJZY=
=D8Qh
-----END PGP SIGNATURE-----