-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-django-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-django-14.1-jessie-amd64-vmdk.zip
      35218e64448e57d3021ba35dfd49f43e

    $ sha1sum turnkey-django-14.1-jessie-amd64-vmdk.zip
      604387a8c5cc97135cdd5a305ca2f26f52546fae

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnxAAoJEIXCXpWhbrlNGGIH/j45oyTXip0Ht9z1X+/Xl7p8
Czn7/eZKiBA+kP5FgfIGMOtEW/vOWnil+FBT2RQFEpR3T/x2f4zPH+h/rNkLnNjL
xFyvNxKaRRnTB6MthSz5FrKI5jRODUnSZUgQlo9Og6/B0uktJVtmq8dr/edj2MFI
DYYOwy/N7HwIw0LRx76aURlGo39dGRLEeDRzv5C49lAR+Vfwl/yUPIJ1hncBJ7Rk
N9wwnsKBkEqQju63ZpxlDY6yKfFgpR44Rw5uMgICwQ0PYEYGhsPACF4zw8FVYIRB
H0MLYwy7onS0lUEan3MyOpF+STM5XqSFsxlp3nbfvLi9ZivJ9cANNJ5Qg+KEv7U=
=H97t
-----END PGP SIGNATURE-----