This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-ushahidi-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 16:41:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum fffefb823eb2b20ff664797009ce16b3051e4f1b * md5sum b3c7aa969fd7e8bc3e9b61dedfc2a1ff You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhiwAAoJEIXCXpWhbrlNTckH/0Otfo/H2BCiiQzanRNPMIFI lwihp/i39V1p2+6MEjShN2CZZikrLse2Wvpg/Oh6lBebPzJEo2lkvw11Cgxj3BgB TZBFcSXO97Nqkqow1f8oPcBO8igBfWJYXfWsZmDO2DAJe8Ry91lqc5+2k2Y+HIZj qGr86DGI+PliEuG0vM/QtPAeWnke4II5r7zI4pbshIiWN5AssjIlyPBiryW2uPGY WYEbM00xPFjCsBhPW4S12XNCsMreS9Moqa1yx8cD6HIBhxCzapcJw7DR0/Z3XnWF fHtdyjy2buQtrNUFzbr/sMId5U+7pUo5i97B9UbmtfdVqo0E+dbdfjySI8nKRX4= =PMmd -----END PGP SIGNATURE-----