This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 08:10:26 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum dedbcec872514c8175ee1233ece2f23eb0718f56 * md5sum 060fc42f2028a601a9c16cd60c71030e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXknrAAoJEIXCXpWhbrlNJQ0IAJi6mlN0vbxNsAkEg3Cu3+5g jQL6Z2ESg/q8pXxagn0+mKGR/skwWQD8ywFOCcAX/QyVDdUL7hw5u7duqvJHlKiS t5wrAJvYDbhw4HI8YFv8P+j6PmgPgPCcaTZB5siovRhN+slhTN/5BCbEbqw/Ps3M LUc3jJJefMk76hT1KC/UAK3Bz2uTQU/DnVsHk5nNTqRdq+eUb+dSGpQB/2D130j+ +dWTyANOEeEP9QPhn8ibVQAWBSiWSTnLaFzbbaS4lzOuRfsNcX1hzmclmbh0pJgt RGFatiaaofCmnwh+AeVXp1iLoJgORp/f1FCBs6kBeHVbRlhBychCcxYL/4+taaQ= =hxgF -----END PGP SIGNATURE-----