-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-odoo-14.0-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-odoo-14.0-jessie-amd64-xen.tar.bz2
      e03303a2e3193f0deb78a2691aca35cb

    $ sha1sum turnkey-odoo-14.0-jessie-amd64-xen.tar.bz2
      ecc8ba5b34096f6bed55593527fa94c808531735

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMdiBAAoJEIXCXpWhbrlN7h4H/j4WMn7G0ldgIkVqVukYVelG
e7rLCGDOa7/THeRHAHByLx2XB6uYbcmrHav88ug7vcg0ruc2JW3DOwLh7Ye2QJfu
pUFKxJnPVBgVXGTsKtAflFGeTt76bL7pSQECvx2zofraDJJWFX/vfFtom45DzCQX
OdGonA3m1cEwB7xb9/lphKqZG3DZjYJV9zXdaDZxGfI//BkWciR6xeR1Q4ySwNO1
Pvwc45t9DpHwCBiLx/QWCFSAN5hKPkLkCItchJ1Dw7KwrlUdUNGM+W30p3ZEsEEz
7zDf2IBVYfrk9mwgchIQgeZtewwSUmuFPV3UtGDEpaJzt62LFvOlDqnxktJgxBw=
=0vSA
-----END PGP SIGNATURE-----