-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-twiki-14.0-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-twiki-14.0-jessie-amd64-vmdk.zip
      8f52d70d2184c58503e828e37a1bfe44

    $ sha1sum turnkey-twiki-14.0-jessie-amd64-vmdk.zip
      e9268599934b2b8164c12d86490f2887d8721443

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdaAAoJEIXCXpWhbrlNLqgH/jBjIHBzBNECa6RJhqR3heFn
rrU8dLcQ6NEEw8mOYO1HoeuK/xd5L+wg1/WrP4t9o10FdR3hNVajZ3BgO73RGzrv
yX43jU1d5guqK8ki/VPgCij4TkufDKTxzbzGWCwocGLDtZFPeefnMoQ744Q3r4gm
ilwa/G/gzT9zoQqbu7Jl6g66VQwjJSMWuys4fNC740fsLE13aGqy1iFB8FFdykhT
HKF5erAPCjh7tpcohyFqROc01l73TwkbSys46cVcwEXVRBjVrjtxQdEPSsPJaXT/
ML3zOukCRt6Btvfd+JqtvSyatAsLe8D81YeBn4tSZfoazsO5KSBkf0JAn7FPhII=
=WbcR
-----END PGP SIGNATURE-----