-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-owncloud-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-owncloud-14.0-jessie-amd64-xen.tar.bz2
      12a1be2051db384646c55da7be8e63a7

    $ sha1sum turnkey-owncloud-14.0-jessie-amd64-xen.tar.bz2
      b87475ac32cb265893bf4156f9296ca545b6a931

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiCAAoJEIXCXpWhbrlNVHwH/1FPpL15j3MKGxbilIYmNpcm
gfrY6XACZGtDfWe3Z6i4plT5gb/i2rySJeukHEr9O45rnFM8NC9WcuqRqMyd04F3
dEjw29TG0GERxIQmnqFh5IdXp//BYdMI/rOSkv1Fzin7ZKq0FbCJsXgMVcrGHJkA
zcJLe8mG8P+rr5EniHWKpPl1DLwS246JjbJMY8PhcwctKTUXQQoC2RC1Nj5Nrf6g
rdbUBH9tgr/7KnWdln27JawogtGj4jVqlQmjBziAW3avPLTl3Xp5sKDsetx4vvT7
O61Y2bcEkYyF7ITRj0ZhNADORuZDceqchJUHFnJVmcHZnePEmpxQxU9kxWxDlLU=
=tFH6
-----END PGP SIGNATURE-----