-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-drupal7-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-drupal7-14.1-jessie-amd64-vmdk.zip
      d557fa0133baca42b15da6ac38b13b97

    $ sha1sum turnkey-drupal7-14.1-jessie-amd64-vmdk.zip
      070ff337795ccde36e4783a4efc6de4fa9da7f97

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnyAAoJEIXCXpWhbrlNJTEIAMiKXJwZlksgrNG+EDlYV6aC
9weywHkQHDW45EWja/zViiMeEbjR1syt9V8hodozPCQsDxblXcA41XCY4P97F3x6
JpYBDD8GOSg9WkdJZ92eB8RkvmqFnbrLgDrT0DmgIBU5eMVce66HVc6NOYs5zLnw
DuRPF9oMKQXHMLPxxJqSAvByuxPWomOv/WHRhSim9pmpbp7TqOtLybB19fLo+5Ss
hDdFb3L0rq4RO/yi7S7Na5rJASFlPh5wdLsj40nXASDU2uAjDVaBpyMfYBvgmJ86
9PU/xv9V995Bx7nmZk/7NKvGYZhgehe65aOdTukcHpaL+FXbsaZanPLukuPatII=
=jwSN
-----END PGP SIGNATURE-----