This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-twiki-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 10:31:13 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum eea81d164e79a78b2ea1deb36227b9ddcdc58593 * md5sum 0c3cbd51fcbf8bc1368e9d353ecd5703 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmrqAAoJEIXCXpWhbrlNMloH/0yIEpYY2eCszZum0dwkAxUi aj1+a71Wqzu1x1b/1taQe6s2P5wl+IGSDD15mBYQRZJi7PHZEYqkEcuzcjm9D0uq lOjypoG8QWMBI7YTD7rBqJjpvgfcV/S/0JiuGcJdJbMtRGX9V70jFRFeK8f82Zen 2CzuZSxVwkvfRRDNH5BxX3JXzc9g0GyNRKUxXY9Tvh0reDALD+IqHYZKQgH4Rk3L qH4K0+teBXRuEkPWcThS9D30qZrsILKh263eqKsQaInRbuET9RLn232VHEyKdeOY 5izD/t3QYkeI5FyJwJMDcX5Ds0hwUwqaV+MMFvlFjpeGeZhw8FLP5TIY1en1fr8= =7fXZ -----END PGP SIGNATURE-----