-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-elgg-14.1-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-elgg-14.1-jessie-amd64-xen.tar.bz2
      9e33ea6c678dc46740c4011545c0d44a

    $ sha1sum turnkey-elgg-14.1-jessie-amd64-xen.tar.bz2
      b0b99611e6d2c6786af1374225b64b29dc392991

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnyAAoJEIXCXpWhbrlNSFYH/iiQareg2wW4vR5xxWGJObBr
clVGZNZQDrgPQk4XtGMfBlksZV/jKZ55TsqXThbKmgoSvNTpILiCO4UfQD9eXOGd
uPZpjDHTnZD54rTOjFx/1dCAzLA4OUF4d+mOo041UZ4xmv/UT5Zwt7d5OrQ9PNni
6cuBGfPfT72G9XBGnvaV+VtUCk6OASOKkgTQc7jWduYN2C2sSDjmMYTBKGMQgvLa
l7LCf5m4+bnV/uCCSJ91nAnhClLKV1tLPJEBUPCwzDerx2Op8KdPGpYEMwjph7Qt
aJGDV1JKseEMHuk/KFQS4oqQRg/L73a61xrZ3pp00COsiBM24ILJk6epuLwTVLE=
=b6UB
-----END PGP SIGNATURE-----