This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openphoto-12.0-squeeze-x86-ovf.zip.sig gpg: Signature made Tue Aug 21 12:06:12 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 2cfb4456e4ef48b7008344f31bb9165b828a2778 * md5sum c7665ec3110d64a79e84abe310bd66a7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM3mnAAoJEIXCXpWhbrlNgVIH/0Jcu2b54qyq4dnNSOJy1N7b uCc03zj9zrwpb0cWBfsZgO6syw2NszvRS5xGvRWfuN+LxS2QlwqRTuVJp/WPFAoE 06YAvLrs2mPJc3elwlAaCtH1hULfL2qqmHbqUAGOrUGfEKH/D918P8acgBBrIT/n hKV6u+Zh3CF4d9wsqqd1DdqAVVgeI1IMQn8iHqtJDrCEk1Jm6ud/OVQPsU7xsflO cYrKIiQu/9blGi77x2VfO3VHDckiSOsUJWBzpSsFI+Dg7vDMuVELvNFKdZjrt5Wg W03D/vy72Kos0lUC7cac4pzSciB1hl0U1X5zGxlegZr2E0A+1F09EywnI/9mgHQ= =swa0 -----END PGP SIGNATURE-----