This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-symfony-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Wed Jun 5 00:28:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 49d457a73600ce13e58d3fa7227d843e46424615 * md5sum 0d2b9e1fbe050cbc5f79b59da0cabf40 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRroYnAAoJEIXCXpWhbrlNtL0H/irqjHaPPSaE5L8iCifE86Kn UEJD6fz/0RPve6diAwjrbjVfuCfY0SVwHciS6ilGdF07zptu3Wf5w0U9cnQyT0Wi Yxxu2ACdL+iT29bPWMq2dDiK9D6DB0D1g1t/FBELO7taCDKXOwN5iXxtoQ7oQl8G LZsc7uShXQB6uGJpHkCzjBWMYEYRoG8FgRBUW9mFR3dZFBJSEc04CYWHeVUdXAcn vvqxa+9h5F61ZFjsx/C7nVMLKEuXHrjMotH0wUymuXVMIpFoyztpK/2AwQWca6eK EfX3i1jSsEmrng8ytP3BDFExoov0kMN5vcG4YML2mg2fvu+TatnK5ejsMBuvBvg= =tPaL -----END PGP SIGNATURE-----