This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-postgresql-13.0-wheezy-i386-ovf.zip.sig gpg: Signature made Tue Oct 15 18:04:52 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ec3864e6ddb74cb536ad626615eaa86a5f8bcf8b * md5sum 4aa636ac6c19ec90db6ffe7c41ad5b27 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXYO6AAoJEIXCXpWhbrlNbqkIAJknID6MugjyCCs1mjukQmdQ APyWOxojILe0L/hzr8D6SgsGPkmLp6ZaYQdTVxj/A6UeYfdMRDF7tkZ6t59TCxRo VZ1Ma4p18OWPa5KDxuEFd84FItzCW+9r0DSmzhyVL32eiiVfEn/MD4uZv2W4DtK5 Y8B65AOEper2M/WteRCbNbCed1E/nu6H5bAKmZrrAiy+M0SN5LeKBtYah0bv0jhe UIxaWwSzMDVEdxKu0qa/SudsaPJZ9iXBRfy10evUczvPHg7AY1CVdNrOGDfLqdH2 gDuKc5ARPEvkj7tPoGOq01sAV7aEpf7/Snq4EAw6jl4/YU6iJQ6FRH2kEF1E0o8= =Ilf/ -----END PGP SIGNATURE-----