Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure
   that the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
    pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
    uid   Turnkey Linux Release Key

    $ gpg --verify debian-8-turnkey-fileserver_14.1-1_amd64.ova.sig
    gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is
   the same as listed below, you can be sure the image was not corrupted
   in transit or tampered with.

    $ md5sum debian-8-turnkey-fileserver_14.1-1_amd64.ova
    4ededb5f9ee99882a9f808d48aa77e4d

    $ sha1sum debian-8-turnkey-fileserver_14.1-1_amd64.ova
    d008eed4589187be34d98869407c3528cfa51bc7
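The two steps above as one script, added here as an example and not part of the original signature file: it accepts the signature only when gpg reports the expected full key fingerprint (a parameter you supply, since the page gives only the short key ID), reads the checksums from the verified text rather than the raw file, and compares them by machine instead of by eye. The function names and the constructed demo files are hypothetical.

```bash
# Added example: function names and the demo files are hypothetical.

# Step 1. Verify the clearsigned file and write out only the text the signature
# covers. FPR is the release key's full 40-hex-digit fingerprint, obtained out
# of band (an assumption: the page gives only the short key ID).
verified_text() {  # usage: verified_text SIGFILE FPR OUTFILE
    gpg --batch --yes --status-fd 1 --output "$3" --decrypt "$1" 2>/dev/null |
        grep "^\[GNUPG:\] VALIDSIG $2 " >/dev/null || { rm -f "$3"; return 1; }
}

# Print the hash listed on the line that follows "$ TOOL IMAGE_NAME".
# Reads the (verified) signed text on stdin; prints nothing if there is no entry.
listed_sum() {  # usage: listed_sum TOOL IMAGE_NAME < signed_text
    awk -v tool="$1" -v img="$2" '
        found { print $1; exit }
        $1 == "$" && $2 == tool && $3 == img { found = 1 }'
}

# Step 2. Recompute the hash and compare. Returns 0 match, 1 mismatch, 2 no entry.
check_image() {  # usage: check_image TOOL IMAGE SIGNED_TEXT_FILE
    local tool="$1" image="$2" text="$3" want got
    want=$(listed_sum "$tool" "$(basename "$image")" < "$text")
    [ -n "$want" ] || { echo "no $tool entry for $image" >&2; return 2; }
    got=$("$tool" "$image" | awk '{ print $1 }')
    [ "$got" = "$want" ] || { echo "$tool mismatch for $image" >&2; return 1; }
}

# Constructed demo: a 3-byte stand-in "image" plus text listing its real hashes.
demo() {
    local d rc
    d=$(mktemp -d)
    printf 'abc' > "$d/demo.ova"
    printf '%s\n' '$ md5sum demo.ova' '900150983cd24fb0d6963f7d28e17f72' \
        '$ sha1sum demo.ova' 'a9993e364706816aba3e25717850c26c9cd0d89d' \
        > "$d/signed.txt"
    check_image md5sum "$d/demo.ova" "$d/signed.txt" &&
        check_image sha1sum "$d/demo.ova" "$d/signed.txt"
    rc=$?
    rm -rf "$d"
    return $rc
}
```

In real use, run `verified_text` first and pass its output file to `check_image`; a failed fingerprint check removes the output so nothing unverified is parsed.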