-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-vtiger-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-vtiger-14.0-jessie-amd64-vmdk.zip
      997ba93d9924099c3b91c9bb71d905d5

    $ sha1sum turnkey-vtiger-14.0-jessie-amd64-vmdk.zip
      e26ac5ff369661cee6c4c7cc915f2fa57fed8498

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdaAAoJEIXCXpWhbrlNKu0IANUry9l+4Oq1eJzUkGM9BRKU
BJTLI5ZfqHOUQDRIIOekoZZa5P1sqKp/Wuv8IzET8uCPqtRC7+M2MG/1X8jXFUSj
d7n5V0Bctdv82D4+nrxiYE5Fm+Q2qVXSq873zgxiEGbL/ZEzMgfx9pOn05YwpgiW
bkyVaSlTjqYLnrLIwrY9t7OWwJ/GnElSF583QT8wyFaseJYn59XgNGkguKKjfpat
lOlANRBQP0EhVyzPr48n+236wPw54EQ0jX09KseG7pXMZO1IgjL5svPOp8zlDRWC
t5WForqC7lYjU5h2bQA7pxm7hyi7DkQskm27DhkJCx1mWPm3C6i+j82k8B4mlX0=
=Mg7E
-----END PGP SIGNATURE-----