This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simpleinvoices-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 23:58:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ffffcde4e3316cfc6bfed5a489e178e8e4ec065b * md5sum 1a8c1c9a34e683c997a483ff255652ea You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrn75AAoJEIXCXpWhbrlNrLsH/RDv/MBZ5q5jobxbxiXNDEje QXGp3ZeoKl/JCIDi2ZSmEK3UQxp6Ijdnv40ed++h7R8CvnfhO3BC2uwli7vl8N33 vKGBlpQN9ZYwR89+OmvN7Id3yOGMNllIMM4YGcapM4LcpcSdlla5PNMLnT4gRCnh byjNiqdM00d8RnY4sQCmQk81bvDDvR6KFFfpRsWxcOI0jf2nU8wa/sJK5T+dG9Au eRYK430jiubdhidwM+bTj8FpLk6HhbGtWoUnoDUWHgAG1tPl5E1moHUNPB+afhje /q7VXr8Pmjuq9QVPpNDjtMz7s8fLKgK686uvhMPwE2ThUgrOkjBBQ8awK8+5JMk= =VBgN -----END PGP SIGNATURE-----