-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-openvpn-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-openvpn-14.0-jessie-amd64-xen.tar.bz2
      a30200c5648712a5bcb2e391e7150c67

    $ sha1sum turnkey-openvpn-14.0-jessie-amd64-xen.tar.bz2
      bc05755c6865a6288387612b720b5704e7529e35

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiBAAoJEIXCXpWhbrlNtVwIALO3ex6Aw2/MhIKZpaDnGgNn
ioVQmziKYdi+J32Pj8wPYH8V9ZJA7NO/ueefMaqIsJjz8DEv6vdXIUpMkPFUmDFI
1lgZYEyGmeDrop+51fWWKYJzvC2QQSoXi7bHIkdeyFMnfucNPTTT8YfJD132M446
k0fC9Ne0Pv+6jD6TwtKW0EOCnMTuJe4pL5IUcoRYZKG62CVmFV7Sp0Pgg69Gzz6H
FwBjLKoo9ZeID8hPR9fAmOqvS2wuhehngJcuzCJAKjJzAB+fwe1NE/o2PaiLnhyq
C0yJXdPGE3T2vyRnopQB97hNCCYg0F0QFLP7i61jiwvhf2pA6/L9jq8BEY9u+ig=
=Ea2P
-----END PGP SIGNATURE-----