-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-joomla3_14.0-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-joomla3_14.0-1_amd64.ova
      fe77e7f7324b34291f104c19e7031d14

    $ sha1sum debian-8-turnkey-joomla3_14.0-1_amd64.ova
      e76cf3083877254f10a50f697a83ab4daa0de5f0

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWObxTAAoJEIXCXpWhbrlN3/8H/0q7p5W7xGecItJVjncZeIuD
sHmW3C0Atl3E2MIDlGHNQihH8ylcyZCOVITxyCkEZ1odN9nJHsrLyfP2/1QMW494
tHJhW748GZaCXjv22SC9nsfpF+L3vLyjgAzLQKngeTO0riJXH8fZDi/q2SAC0c0G
t0GWCE02AQcVlCgyP446Wfl0a/Q4EL4tmvhB8x9Jztpl3jAiIizbZlAuG4iMQ5E3
LOf30BXxwo4B2Gj9Cm2ioc8aXfDvyeETIKSGOmf33F2kJ1MHYemPlF0upKD6OQZu
saRq0DzwUzafSoT3DgeLVzmXoOLoydXR6OgZQhDTCUCzBS/ZRz0cenNlOjqd4y0=
=P+O9
-----END PGP SIGNATURE-----