-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-lamp-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-lamp-14.0-jessie-amd64-vmdk.zip
      635eca6b3090a89505009764fdc5db06

    $ sha1sum turnkey-lamp-14.0-jessie-amd64-vmdk.zip
      ccaa92ea4655bd88c0b9fea8ebf710b42d6f086c

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdWAAoJEIXCXpWhbrlN8EIH/RjDuRRNZkx3NggqXbDnyToR
hbDw04jtkEplPtTB18/xsW6pSQbO7Um3bYVC92gXvVX38TdXgVXnjxlDSBJO8HYs
ZZUQRqVkzK614NJy45VDNcpek5yAVi2+ANQiYEz7Brb403C+AYgRvaLT/p+L/k7V
1MRg4ZhS/RbT0ku2uUAUIEJ4Y2uBnivOA07oDmn84eWGn8fIHzoK5nm+fGsiYS6b
V2thgPkfMvKyiiTq9mFmi/atfA1eHfF5FwjUxenkyASCfnfuDnRzh/bed0CmZ9at
buZoml5APsOPLSdY3BlnjVRNR60etIVDCdGNEj3AgJYhWQxgxGjR1dd4dyHvqd8=
=15Cu
-----END PGP SIGNATURE-----