This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-e107_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 08:19:22 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e790cac295f690cd2a23711ad081259a89d55c33 * md5sum e0e7f3556ca7f911b9d232994cd23ffd You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXkwEAAoJEIXCXpWhbrlN9QcIAOkLLSNHCTWc2LkkDME9uv7/ tvDJpZMyp2jQ/qEqZ8xn6vXiXXZjDxsnppMWtHuOuXEtcu0s2RoGF7DQ793iGNgl weodldFHofx1TCgOCMindkXapLQw9rvZdNQeJH2zGjejfbMqbn0Af9nJOL1MYYEK ufs/Qn4MM7sYJ7KS4o0JntQRJUUFOu5RtCCqrjkuVWWUF8KkmF9wSUChBDwRzdSR HaEkDa7F4BIbeMJ7UiLx0PRdtJpXc37ZnXApuOj9N0RgRyL4atjFwbZZv4XdlH/B 9CgHdqf5FDVGYwd+CVVCFVGIrr9EYY4MaRAk7NPciBszVX4zDTVnXvvYvY5mEic= =bOMB -----END PGP SIGNATURE-----