-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-joomla3-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-joomla3-14.0-jessie-amd64-xen.tar.bz2
      c43444dd50652fd014d51552d9f6c673

    $ sha1sum turnkey-joomla3-14.0-jessie-amd64-xen.tar.bz2
      50ffad6bd2f7719d29aec4ed89e65ce8a81c524c

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiBAAoJEIXCXpWhbrlNZXYH/0sVaofcV1RfyyFl0liw95OP
v4aVsD2xccb82HpsQ844wqVGLuMsEbVUL2TJPU6oVrC/baPy+X+0uKSkASTfW4Lm
97Cjkyk8isoWhPDsdA80DlWQTHtAnZApG+LD6irOhDTFFMARozKFdwWsH80p0PSH
F9hdJ7eM90R6IyXAOjML09TkeCiNm08xWJWgTpk2JU+oko6CXks9qAi31HMknG9C
4SV2Egkahhl0aYf6M1Yv5GtPQYniVn+ZE2plIlhtM5Mj+YXtQfdogPowwCFuFquw
GoVxEDKRFWjw5qALtBEHxWjSFKyT109prBRkRG8u2Q//4NkSZ59n7+tL+XjrLhs=
=PNJU
-----END PGP SIGNATURE-----