This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-fileserver-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 13:27:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2ebdbcc092e745ca1948af7745022641fb13242b * md5sum 34b276cb80ca14cf2fd72a4c2d47b633 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrespAAoJEIXCXpWhbrlNtAgH+wQRbWKeXXPn1AaEDppwzYkJ gtRE0bVwDeRW1+3D2NHWY5+Y01Pfy9etlJSe1FFdOchkkQE3bsULAZD/PsMgo0H3 Co0vhFeHdSTiadOQbj7UfrcZZpdkzvn7/6hpacKjY7sR36u4lnnQjwrW+l0pBuVZ mxsyB1eFtyBT0dTD2asFyMaP64xcRSzx5SLVjCGYq/ZnV7leQPsLYS+5d97690gq dYPduLJxl5hISfl0yCjxr/HVoa9xLp/w4xnrtx850zD/bq8RKJ6h9J3haQdQ9Ixd xMe6mqfXZ21jZNA/lSUn5Qrz/hLCkSCrVk6erU+7yk0vRO0uCoKvyON1sITxHzk= =DFAh -----END PGP SIGNATURE-----