This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tendenci-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 10:17:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 57ac1f12d2cb9b43cfb824aacd865596e85e2f49 * md5sum 7cba23999ee743ac023831e108239d88 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmeaAAoJEIXCXpWhbrlNbvsH/12Gf5EjTuTOufsS7/5tJs+j 8yR8XOOxdPn+Zcw4kr/9XWX9q7eYNH9BMDogOq4dndJcjkGZe48cTo8J/nzn4rbJ 27bSbZeBNKtryaRR7Vr5K0aq0HLy9laTx0DskQnZ7UbV2BHh6F/Lc0mtAhvLN9Dk HEyEhTtypaPUtpLeKdys19aBnAkf0OjDDPspVF3BgfdOdVj3ENDgapku6gJiiNFG 8fcCh1da+qe1O3eWfahnwQmu2D33fC9w5sVyQHkAwkuLuzdbUganVlNuqBp7LOVm lPdKqFIJVKr0fev7CPB8BurAI91LlT7MC/LnnR5zOuD1kfvi/X0n5RcWAbt3+lw= =P2eY -----END PGP SIGNATURE-----