This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openvpn-13.0-wheezy-i386-ovf.zip.sig gpg: Signature made Tue Oct 15 17:27:44 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 239bd497d174d6418a21ce6e55468655dc805c17 * md5sum 3d5fe042eb6e67cb0c03acd3b760995f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXsIAAoJEIXCXpWhbrlN77UH/19v1Il2g5GuGMbXIssuiyt9 VPwWwVL3H2kaLIkjUN185nSh9d7VOYSFzqkOODsQJ0CavzbgllxJWVk499PgTc92 uQZeN8WMDgSdEHAK7r+DiYxgz/8D2Nn4MLFux3CBiPn41s8mPLB4aynCDZxOMQzb Tr9yyIXyk70zn9+NZ/XAUImZWIJnO3F08RJTDyho5xh38p19YrLIDOfEiIJbvSHc pACgpyJO79ZxyPKDUZlkPcZ7zdgSPzT399mi5C09OI224kikKA9dH7nKXgTEwWVq D9F6yCy92SJsmMlE6icN/+CuRakn2UjbMU+2xWR/FDGIBLr/ZKoVzC9PR+YQ/nM= =ZSPn -----END PGP SIGNATURE-----