This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-moodle-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 14:33:57 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 89f95b4837fa098e6187b2be1c302b9e5dc1c6de * md5sum 0add6125321cb1db8ff3a5c18dec7d69 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfrJAAoJEIXCXpWhbrlNk/kH/2Sfu4M7oHTFpU2Ss/mvQTua rFk1AYHBr5P7XeJb88rSNHeJ2jRTO3h/8FZxsNDArAzuyBFL+HtFnEMP448cVRGe C+/7ze3qfRirbZhaaJrLhmYHpiuc+uJLg1cOwiDkqCttawsBFlTeh9c0aaqVtwZQ iTBurN20BztzqwRoM69l/bmJYyzl+3LhZNMeNYmihjuNk1CT+++tJUf794wV+rZn qLhDxG3Xy53/GR3qItHsokQU55JIfvWM9HINqBHuUjjxxaL3rbuciTIYDxD5VvrH fTbyifQZvyoG7O5vB4HTVt2gDAMdR9QJOR1RNtuAovN8aqMV3LSbJMoBPJdLwd8= =/5AM -----END PGP SIGNATURE-----