-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-foodsoft-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-foodsoft-14.1-jessie-amd64-vmdk.zip
      5eaee60df36018b56a0f5e6bdfaabb20

    $ sha1sum turnkey-foodsoft-14.1-jessie-amd64-vmdk.zip
      438f89075d6b41dd74011b015014de4bd1aeb8eb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnzAAoJEIXCXpWhbrlNwbEIAOUkR4KAbXxtB3QQO4gAyruz
r5P7RucU9m4uTSwvq0MJX/4/C/+HLNXdLdIzadj0OVWCZDvNUNYSzfFX0lN7B+KS
k9RAWpHqQPq3skm+TVDIiiT7gePimwaQ4dff1bD75z9TiPUfNRXJ31fRr/0kTzgQ
s9bBnI9r5zDtD57B93UmOfPulSGAFGvvSVPYX05musi2cHXa8wvgVwfNA+GcK5Z2
tMInuKg55oPODKtmXL0McRY8sVoFMhbszc3BnCqZd1ngb55s61XiY7GD0SC56WzX
dYv6BwXGeS8zTLISsNlITlNf+BDPIIl06sJAA2vy7bQSknvx2WZnt+OMymECsgo=
=8lA3
-----END PGP SIGNATURE-----