This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
    pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
    uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-lapp-12.0-squeeze-x86-vmdk.zip.sig
    gpg: Signature made Tue Aug 21 11:50:07 UTC 2012 using RSA key ID A16EB94D
    gpg: Good signature from "Turnkey Linux Release Key

For your convenience we also include file checksums:

* sha1sum  2e028f2a3ff1ed99b61c635a31d92e3dc7a6a7a8
* md5sum   6ef90fa064f905131980bdcb4964abda

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJQM3XlAAoJEIXCXpWhbrlNJLwH/R8EXt3I863Zk47olKbyNwxN
qSMWFMI2Usk75s+6WZ8e4zbu4sbCyO0fkRC++SFS7xinosBMHiKsKSrD5zMoRTb9
xQHvxnGyNPpa5XUssLYUNvxUJXzDa2xOSlYFTy/mHcqtLDBuEHwlbYPzKsQYnhyl
nFqD52DOY4mNtX+UePkPIm9wxUfm6zzikoAlU67gvq9v5AsnDiQdlUIGp5aSPGha
cocIb9WX3T/g1e0jFHago3KOoRHVvwdQbQJo13Vb5FHWxu1Ih0cDIKV7aJz3qbQn
VcZj4Z2eAa9t/ZB1tI+lp1zvNti5G8zn4qkMFXcl4Zktetrox0TcqLjAG6TvEuU=
=oQzd
-----END PGP SIGNATURE-----