This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mysql-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 14:33:08 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 964e340ef5048aeaf43d0c4d5cff7f0f5adb6818 * md5sum 0182bcb03afc698140d10eb818ba4783 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfqcAAoJEIXCXpWhbrlN/8wIAMkFlGao26drT/YHgiqA0TSX LlZA14wmodz6+LmuxnjtQHh31yglVZSecRI5zhHLHI7TU4EAqKkjcBFSOt2brSNp glgALZVufzxuclHSn92wtSdmmfTiwk5TOw+0Qm5hVUzl5+bUTrOioiFSbcyZDw6o F05bRb4sLtbWAY0YNhS0UOugAfrpQV2TLMznSxDeliKevMqPs37+rj49YGAJh0M6 MLuI0hV1BYHMySo0NjD5W/H8pUn/tmuavdAHYblqSVCFslxkTist/85X6J/ejlSY EBAz26cfoM26hG9cGQnSxPSn+4df2ZszxtwHoaeyQNJtZqFGbarOoBFmPH+howc= =0sx+ -----END PGP SIGNATURE-----