This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lapp-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 13:47:40 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 10a90cefc7789c2eab576da8c983761fc31b07ad * md5sum 2dd7aba566156f2d892a8c2d86548ba9 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRre/zAAoJEIXCXpWhbrlNwXYH/1iCY4lrg2iOt++Gfo07rG8Z lbrhwvljjjhHXygLZlGt0wghkdlRNHIUCnzSpmwR1ucMN0R2K9no2IbbHyNmXJoV z4X3LmrK5KMXC0e9UBytzFRq4F63uJJxDFvECYSqCmAupg8aud8/2FU/yhFuty3g Zjwjjy1C6Kwx8dxOKRtg7U6UpyO+6zqtbUGzTeWkMPlto2colfXNTRv5uASDAnH2 lMmY5H877Fw8vBLibkd0oxDCwgL+22OROa/NnDSiKzx3qcvwmAbtU0g2xwOmac6u QYctlt6ZU81KQMF1Dc4MmgF1nT8F7GTBsfKt4TW03rFTdo32KbHzAmjIecgKoEQ= =UvoK -----END PGP SIGNATURE-----