-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-otrs-14.1-jessie-amd64-xen.tar.bz2.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-otrs-14.1-jessie-amd64-xen.tar.bz2
      dd09dbf9b56fb64814301e14d723cab7

    $ sha1sum turnkey-otrs-14.1-jessie-amd64-xen.tar.bz2
      032db88025af4b00cda1c03521fec16e91201283

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn3AAoJEIXCXpWhbrlN07cH/iYDXiXVpGhoe6vUmgSCpuUZ
LFXlDHYhGinBJ9HXslHhuqdpeQ4JWlHH43FvPrBmyh8oT9St6z4ZozdAfcNxC5hm
0yrHblJEYrerl/JMKTeLjtHjFwyadWFvCXjbC+EpmY1IxSM3TCVD9kZpTVIMohmj
edQ+zXsMGCKoMOZ6ZlegN/nycbS495Y0q+vE0dL4JpW9gwumTp8Ak1s5IzQyeUDr
Mwd09IUvV6dM4tbEesTvV8DJ5OIbRRkxIvliPHupFXaKlpocARZ94Im6iT/64Cns
ytCQplVp76GfrzVrxOvZUzTUOspRJ/WZFM51VyyMS2lbRqelEAshectPLx21pGk=
=9Ri1
-----END PGP SIGNATURE-----