-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-openvpn-14.0-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-openvpn-14.0-jessie-amd64.ova
      623c40c1e6244979b7a43b104c8c7eb7

    $ sha1sum turnkey-openvpn-14.0-jessie-amd64.ova
      0290016aa1027f4bdd370bdc75b3518b0959cd39

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdYAAoJEIXCXpWhbrlN76YH/iCfWmD9+EVH2pp4X1NDXQaV
wkyVXPbGsjaKOWXm8CHFQIwvhlJhK9mDeT8i+YG0MSzM6CGpa87Dk3XR7bNyvdpf
kSrDj2qg3Pmqmeh96JS2TfkkwOigzKFoe/GwEhdwMBdPn2GpqHA2waFdBAr7Paa5
xdgY8A5taLxNChb6i8W9cT5ygG9iQM86L0lOD0O+Wqa0IkQz8oyycNrHUcwjCVeO
e2bTu1YViZ4M+x0xjdeJ07tE4sm6/ifOaLKoDTH+vNpIduoKThA8qA4+OHRlzbwV
mddpZbadPrajMWJTluva4M/MlXbpf7h/Tg/JGh5WTHgf+P7PCoCz10sT2iIZcvM=
=DXEX
-----END PGP SIGNATURE-----