This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-processmaker_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 09:59:02 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9e8be998743819319e18bed64935931ac4e8d709 * md5sum 71a04cf548b41893168820275697687b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmNfAAoJEIXCXpWhbrlNiJkH/i8Y9o76sOWlER6YN03VQsc2 y+FaQdEE+Jdn3cbjTC+O5WeYypXyHfirG6RfN29mQGR8ypoyYZ+I1wkq86huRQhA 014JS7KV1EYIfqAaG1d/44tS25rpvOcq56b498GeHkOTogeCIGIssEQllp5Kmn/E HljSY4sZGgKdAcWbbNyAJqLepqkIE3gzdVOK6hSXiI30d2TmSI6qKouXuhQCooN1 qYp7GL2bi6PSaRck303XYX6WDtsxO/NMjiYNSvHuBYcTYEnHz5AuEQqDem8KnQsK bZDZ7h4zF5C86XYDlrxgiOsQgfXqoWHHxxSaIfFKrPMDaA456S+H+cZFsHRzI6w= =RnwK -----END PGP SIGNATURE-----