This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-ushahidi-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 09:17:47 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 00c03893a206d592e2ddf3fa94a52963c5bc174c * md5sum 2a38aeac286ee6e2246b6363920d0521 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAhCyAAoJEIXCXpWhbrlNQGYIAJUeNy8P59v1vCEEcjMA2987 R0lGNeZlRCUaaVv1rmExBpM4NzBVMhrEewmAFsVgAT4iVuHnHS9UtVY86yXlCt+i dgJqIHoJTNjOfvN/PQmbBoKFVbp9NGlhGT/qkSb2X4QLB0JOivlW/5ATQTn9gz0a 05sYERl/UcIS5Jr7fZIJUr2tJzadIUg/A6VFaOgmrg1amEKkS0vyQh+iilHiq91+ v4T+egy47+29VaLY1xY6g1QSdCH/tsUnGyRzEdPm6xRaL5iLE1kpKblg8fT/kaj3 QHg4OHZ4bAvkrRFztX6S2b94S1xj9edwTK/QcoIpxbVxgd12n5plIGQ89IuJCT0= =ioZj -----END PGP SIGNATURE-----