-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-collabtive-14.0-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-collabtive-14.0-jessie-amd64.ova
      bb1a1a229aec1eb40d4e2b62799fc72e

    $ sha1sum turnkey-collabtive-14.0-jessie-amd64.ova
      9c759a45eedaa56bb68d08527d80b3d86840b9be

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdVAAoJEIXCXpWhbrlNF6IIAK/kpv5fllu4ijQN/XqDNrOk
dGabl8rgoFO2FVO82oA1MlTpFFLk0lV9N+EQznE71/0l3/fjGn3AlnUUPhvSnkjO
BkHXGK+4CTzHkFrQ9Fk4QCM8jYXm7MHFSW+pOR5xWLQ2bsQxbHqk0qvECRvFAVv9
d9Av8JVVCKc4icZ4ObUc+KgngZ+n5qPZL/PZSIa9Xzjt9SJX/hW4aB9vhqHlMrxZ
NH9Ih2bdtYMKAp7DTJxdx+8trCV0jnmvWMxzeSIzCX6ekOBRCtqW8lCjM9clVOue
L6uXcV5yor58auSWrrTISq+IOwPbCCTf+r3YEe2CTIzqkC5bEnU6ZOqghi9GFME=
=CnkU
-----END PGP SIGNATURE-----