This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phreedom-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 15:13:47 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 10d9234a2b3064554c26245af34792f915077881 * md5sum 6d9a7f2768394ed73400019c7f6fb51a You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgQhAAoJEIXCXpWhbrlNoXYH/i8ls1GVgf9ltglFtZP7FHsD 3yH1fOsc0+Rp2lfF791v7ykt2oAwl4jPZudTlCDTBO0KniNdS/w37LlAjd1F817x ACQXnxBqpn/Eyz7jKCW5mJ8w/cbDziY/SNrbR1bqR5HS+U0yC+mEy014AGukkNQK v9UdwcIJQ3jTquT2SRDyjKYdDcXpGwJecjIivnludKPWpb95BPJbLHrTTKOQmL3w k9GJ9HtO2ftnoYt3wXTCo8bqT0GfOHcaDPVwa19R4zYjWBd6WS3kSRmdpZsS6OMj RQ7xF9EtG9Xu0h5Okx307LcmqQidt11AF7nsjBb1emV/Y6B7y+gPsbuGIBLQsCc= =sugm -----END PGP SIGNATURE-----