This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-b2evolution-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 08:12:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2b31edc7c70d2d10dfa9d19db01cb1a5cedd3a06 * md5sum 7195c00b7e441221f8061be5cdc26e8f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXkpkAAoJEIXCXpWhbrlNupQH/2RCzKUHkRmIAhp1O5QvcK7Y ZdZ2dsujXnistPAZsR1uyAeBAAv2jsodGywvn31G65tgn3y8U6qJKDD+deR2mK1c ASNGJnlTAisoOtKh/HhB/oUClAvm0kryWfxtay/oJfDtftuWJPubbg0E9qeDRWbc sej+TvAk4oy97bXTkIMSuAJnlUFbVC6smMYqcDh3NK1sQH9HRaeYfv0JCKez2lEx mRIMzlw/vwiJaFG9brNy3FIfqyPItex33vJK5XhmcJ1gxkQfyTR00wBgNgwGRNiN IcZchwsYKS6UwwqhKnYTbXklXUfmiKbDU2g9+o1Vg1Qvn22ZVLcle7W89GEOU14= =afQB -----END PGP SIGNATURE-----