-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-ushahidi_14.1-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-ushahidi_14.1-1_amd64.ova
      801d4fd402d4d126eb9dcc32a55bf526

    $ sha1sum debian-8-turnkey-ushahidi_14.1-1_amd64.ova
      737245ff651d110c4c8984bad255e72b74c3656e

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnvAAoJEIXCXpWhbrlNQp4H/3E5s8ZIKUge2wR+bL8v9lcC
jbph4iuS9JqpJuNNbxm+cEaV7SwZO0mMWj3WbX6RIG7XcCs0WCZYLAfjlvfobUEY
GqinMEp0dqk93Jet6Ic4vi2J6rZZCx1vUaX7Ny1vni3+lTE8xLIb+AxwHLymyjk7
sG6R0Jd2jxHMEnBszccrVYMgoU4yZ3dDS+J4zsz3i36+Jnmgg3VzRLZR6qtbeoQc
Us6eRcXTBcErx92go0yDyn1MZP7zpG/XDPKQ9e6hRvIAg+48yKFQDgaHyV7lqbto
z38Sda75wi6q/b+JrGAkguqDgVL/Uim/GdkbRkwQ2H22JPp5uj7ULPTkajgWzI4=
=DqmR
-----END PGP SIGNATURE-----