-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-nodejs-14.1-jessie-amd64.iso.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-nodejs-14.1-jessie-amd64.iso
      04b5a0c461231bc96fed711a77a9193d

    $ sha1sum turnkey-nodejs-14.1-jessie-amd64.iso
      f5ad2669ac2d47300a4e2cb1ff46882bd964cdeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXCkPzAAoJEIXCXpWhbrlNgzcIAIWJcSnvZldvhDX8mGtX9c0w
SjYQAa6d+njWDNiA+0HmXdQkJ9bMltBGAm3NntPzDaG11eFQX6dRi6ddlEy0MkDv
PtiloZ9wbGmVIEg/gMsIyA+boRQihyBNlNYu3w17qg/6S+vsCGLvWpX171oCqbi2
da04L5bMcxyRcuTwLoOHx1v4z9JEM9q7oX1hQnqqIvsJJh+c4X0ywWZBb7W5/3tV
8IGB1JyCAKH/YVz//79WdkuiOO7C3kcFDtonGNxvnGBAIkLrtiJRzf8DS9focos7
xKHXOf04L5AKjwNPDR0A7OJ7nB1RyJZc2S38uP46EDZCn0ZsHeMhO0UVFbDXTkM=
=8rxS
-----END PGP SIGNATURE-----