-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-gnusocial-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-gnusocial-14.0-jessie-amd64-xen.tar.bz2
      4ef98e113087b9cbd89d4bbd522cb5ce

    $ sha1sum turnkey-gnusocial-14.0-jessie-amd64-xen.tar.bz2
      7e939b5b9cfc111d685b85ff96f71e1fb2c5f26a

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiBAAoJEIXCXpWhbrlNJ0wIAOamqUg0FHlwtnxH/FHr3OGm
X7KQAXJe1eoDHoDFdNL8RWmFZlrGSPm0talkv4mCelfapBmjSspo+AlgKO4AO6aP
SGxKJcb35nav00Z5JnZTrEExJiAthMqAK2WQy7I5PkVgYimqSKjvJiiTKBU2Maja
r4izmtxhOCIjc0KWGwxXG2WIF2wdBSAr0lJbqFMRdKuP8DpvbdKr5ipOKs3JfsC2
RcIY1Ypb757q9BJqqB95MMM/QP+w4Zcry/zd6YA8Yr9fZ5v64FnHCnVYz04PbIdk
fAlcfz75M4jziiBgltiINPiwI/7nlhlAyKTwEQP6TJkbsdjhgekcUsRh4t4v/3I=
=wwIb
-----END PGP SIGNATURE-----