This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-roundup-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 23:51:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 15354c62004fa055111f7023916f764c94fa5a69 * md5sum 4cc83ad40953c23930f551b42c6903ad You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrn2BAAoJEIXCXpWhbrlNAQUH/RD5kf/VS81xP9p+uDKzAelS o/QQD1kbRVZwR5lqDVjDT1yZaPV9iEevY22ZVbbecgCI6FkTwyeUccqKGEExpStm 24dO8kDJ46DDw0FglO9iPRmFc7L3nEybAsXIFJBqBUFDE1gvfWQ+WbsHMW9OlE2Y 8qKs4wtMfVxbgxOp1031VXhys+J5l14c73AgUwcsthZUwTKIr/3dClh4kvCDUpGK C5h1d6t2hHEm+beSe323Apq9eejmxklbiNV8g1kYqoT43u5Jte3WrQI4at8+/c9T /wM0DgWsJXPkl76Nu2PMoO14rtsWs6Fkcvx3mX92WYYFR+zwAtiOZ155wQT5+rA= =Wmbn -----END PGP SIGNATURE-----