-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-processmaker_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-processmaker_14.0-1_amd64.ova
      2b5e1189c42b95c7fcba131a2b6fbb83

    $ sha1sum debian-8-turnkey-processmaker_14.0-1_amd64.ova
      5d3e734e51ad62eeea95c1a099b243bbf3126cf3

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxVAAoJEIXCXpWhbrlNAEUIAI5nCs1dhQIvPUU/5jA5AuBo
MzmG4+gY4rWl/4wZ45yiC+dXxZ/qx3hSJTh4jG3pvIModB2KmHcgZcjQQ+mBgNnc
sxoT7D0f+9B8fIk3nvh4xx2fmlxNSbzV6j+COELa3sAnJcSyarLkqLvoM/5SF3Kr
HODop8I3YKYoo1uz5viaWQ2I+ZbnoYMzGdzItnQdna+hRCBl9pzYwssf96apUfHk
1uGUOQyMZ2YIKrv68RhQ33Fmw2m4AXesC40Jmcns+OsHrKKoiZi7ZXRFlIFtc/om
uyhRsZFvrbentdQIq8UIT4uynvtpRHySWXJOf2kHhwS/49dJaHQJ9fqriihrG84=
=VRJJ
-----END PGP SIGNATURE-----