This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-e107-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 13:13:32 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum eb74c41021cbf42f9b9d7c20d3b7f5e8ad04f2e7 * md5sum ee95d728c22ec7d043b3273b97679653 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRref0AAoJEIXCXpWhbrlNY1cIAJ5ntiqWV/oofJSCtLqsoWXk EDjXDgt+sC5npIy6X3xHtmCLmJSQqtEIoHKLEft2VkdWKLQ1uZSOC2gPA/98XbHa N7KtqccB1rWwhNT3wrE/u6VBLKIJ9Ec6f0JDVxaXGpY31BpmpaswhBAFMULtxI5u 04boR2EBiT1Dqm9DLnmfu0776Lw0a1+60PpfZdjGv3nwK2eGgxYjPCPqs4q+xC7C KlFi8JIUPyjq/6//8k2IZMXX8zh3yjUBvkn5XeR0GEbGkX3tiJ3PeupUjJfRnOzF YygJ5HhUgZTbYOWsijxaPyVk98ki749N9gEK2vcPGRXs3k57sG8NyEOoZvUUp1E= =q2Gl -----END PGP SIGNATURE-----