This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mongodb-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 14:29:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1bfba678e68ccfc7e05517cdba12c07cd9d795bf * md5sum b2ac7a1421a2a5d8188396236a596237 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfmlAAoJEIXCXpWhbrlNgTIIANBn2yatdVpzxtpVHjApFH1K f7ov/nf9WxLi57XHwRl75478g24V1lhpjAa3kXVG2gVaIh+Cjro9Zyi1KP8kcb6E DMIvr7Ts6iVxoHLinuDGvZYHMiCd7cYKbHNBAmcu2TvMIgE6YRx7h1Z8fvqEHsMX yb+KKI28ICyNJQu0gMNN9WqproPsYhS5bE5qMs91GLFwVoZQx2O2RYE/ffQc/Xbs BtHPscU490zmw669YU4IU15i6RRd9k946yN/jIketO6dT31lsNaGOdlSddgANvGz 1awVrkawFlbuKGc+R21N0IC07/zV4XugxwlU7kcxANhgQFsq7hi6ebfm8j8riW4= =DStr -----END PGP SIGNATURE-----