This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-twiki-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 16:36:49 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4c1832b0a6c98f519f9de50a89737a95c0e06a90 * md5sum 5e11b5f71db04850a3a655fefb96d6b1 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrheaAAoJEIXCXpWhbrlNx4AH/RzfFZz7RpcawZAUm3D9XKlA s7+SsE+uaDi/bJeGXa+lgHKG95HAJkX1EXlijY4GEiuRBRQdyTQMbBN6QteyvOpS xS1eDu0fBg6wCYZEcSrpHKDV99L3GiwO6rjf1Y3+qnLKsOnTnGywkMt4lBkFahx3 KuUX0Dzdu5Qz3J4Bt4A068AU8lWgmx2JIcgsu8i6cnMxWY4i2FuUHhaSyU/GOMum RlEBHeKmrrGvxiLJ+b83zYKd59szYLfYw5rYNY1AbsPcUCZ6adNBg8zOWhmUKKAU IAf3dxnrNT1O+zJnk63hLrr/uU7FKE3rdkQ9jqGObrwuEiiIoAN7JDVspxEjAX0= =Bvx0 -----END PGP SIGNATURE-----