This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openvpn-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 09:24:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0a5e970d00cd225f0d0bea0fb2cfc754f6a9bc00 * md5sum 421c79bc5505bc0d891da31a675c4be7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXls3AAoJEIXCXpWhbrlNXlkH/jtEPUOLhqCj6NE1L84W+JI+ aSIgyyUXDt3onvrhj56/m939+5BLWS3/TnOxKI3tZ5x+a/eOcK3XOZm4qzEYfR01 p+AxHIe6ThSXXEnHshU5YXHwnxC3+1bLOvDx3OiyOrV8uULQpcO4W7oSJKIg51+p IJJZ1o6MrrTpZk6rkZ8Uls4eeTlKoiNjakcadQ/BHBH7HUTjp1GiR2aT4/1PSoXL fqSbo4bFvZbQKzFy4NzDRv3EUXSsIC9sW/4kmRmPL6hJp03Fjsd5RhAEcMTsW2IW pHpIAejSzogb+5h0pLZlmvYnJiw6YZq+evoublV8WLT2S1Wpklef02+X6OeoD5U= =Z+Wr -----END PGP SIGNATURE-----