This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-lamp_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 08:56:06 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 401c3131cbffd2c9c135e4be3ce9acc411f892f4 * md5sum f586542aa2b191793e59fb762dcd37cf You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXlSfAAoJEIXCXpWhbrlNLZsH/RAHAFzViWSeeLFsNs4D6Lde Mzf/fP2Tb44CQniTlFyClgIYk/Uk3907WYEI+/5JeYmZObvf1tqydnSFqU0B8nfd JCBnBU9LrewWgxR9GNR9M+mlg9YQv+lrwRu9H+mKnDJqfXDhMcwaYgyKHnx1JfeV M/pqHs64pEq9RjqN2I8rJ2dWtvXouMse4ikbvIx7765vPQtwMHA3ZFmvzSyL7MT1 ImSKYUsmRjccHYqeWLir1HBuf8evKfP87D1h2Q8SEy5nGT5Q1di5i2wEPbkqJpvu vXqPkNos/tXiHR1qnQyfDL4OqQJqXGf0baObU3AJbHpO6x/zJ9Y8NPcJ9Ckn1Lg= =hiTP -----END PGP SIGNATURE-----