This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-dokuwiki_13.0-1_i386.ova.sig gpg: Signature made Tue Oct 15 15:29:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ba9371caa6df8caacf1de975637e9e2e6c7db9c6 * md5sum 85664ef1f7abf6656f7644b69bc475cd You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXV9xAAoJEIXCXpWhbrlNaUIIANhVi+t3MgrIp3rL+TH3zylP y1hwCv2jpUHF6UpP7ALtZpfzKJHkI8XV3MS/wzzXYujwMdtvlg8TqmfUAE5q1zhP TX+d476yLhUIyqzQZHezvcVXvxFE8qLzy4Ty4FqziuneycIiEfVkdQ5V97MqZhbt JbryrG9VW68Y13zCxjRIcApGplUdS50Paq8HNzN7GiZo25YruRDGHkf/SAHiTsyL WrYLyHfWp9+6s2AGsm/34TcMMZSgJgVai/njveFD97iffhu1TEHTWdB3AO0YP9qY WR5NEvybE4O/Ut152XNZrbtwfya/UZGUCYmaKiGe2Z4g7uXIrk78vGRorJ4vFWc= =QCNx -----END PGP SIGNATURE-----