This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-pligg_13.0-1_i386.ova.sig gpg: Signature made Tue Oct 15 18:06:52 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e9ab4b5817002259db41f87c9d1ab2ac20379c64 * md5sum 6a4b94b8a9137da22c63a86485e9cdd5 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXYQ2AAoJEIXCXpWhbrlNL8MH/1saMD5TQ9+frnu+5juBs0OR 9rlOok6OgLmuKexZhv9Ik/VhMwySmxxJ/57ENCysGUK76UkH3Mq3Zjsf+T95vIfZ dyR4dv3uhGW0ogrYbh94M0Jaa/Ue2XxFXagIBsUY0oB6elipYUMS24x8dPTtdol8 ym3SyZOoa8lMc5j9cJs2TOY8XnDtj289tiyR/Dw7anmW9Nw1uUXm+eRJz56XljJC I6ZmjkDmAagAjuKTubcM2irkA/P/KiYMTR+6bo0zC5sCBACbijOggsjgOEL/roX/ 9ReChccFQDJW2kqFPQw0mo17cVJOrVx+H+UY4guBYACA29u9f/N7yX/z38TNJBM= =MlLz -----END PGP SIGNATURE-----