This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-owncloud-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 14:58:13 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c6673d2503340bd93cab8ebce727587a0dfaeb63 * md5sum 5c9ed2646536897bacb110c18436d6ed You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgB6AAoJEIXCXpWhbrlNQxAIALdbI3j83PGXMDF97X8zqRY3 8jsoBNzAVZqPloaqwR63OA/q5dZpAA0JIbkmqvzuxTeSVd0BplF/vuKNnHsgtY/W faYNk3pxmWIrdjRQ510LAPkDTReNJ6Z1P48A9ZHQe29c8cAHdsEQrgSzKLkTuib+ tpvnT2tW4VgpOT9/T5aaxnkZ0uO+N9zJYU0zpAX16PyglqLyx5cdmBjDqgs5di0u TFfidVX64Uqh39orlT56lEiBlLgbvI4uygTFyvHVdN09nKNPU/0DT73CUD2Z37Mc RzjVRT/7LxqBzcscx736o3TVfY8xTrQbeNvSCJ162jcP0AZmmKND1/vmRh/JCqI= =2l9S -----END PGP SIGNATURE-----