This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tendenci-13.0-wheezy-i386-vmdk.zip.sig gpg: Signature made Tue Oct 15 19:09:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum f4d518a98abdf2cf7b5c1ea8918dc718ac29892d * md5sum 0364a1396264229ef2b5300b74500e0f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXZLsAAoJEIXCXpWhbrlNEdsH/RoDVfPrEKp10/gbhA0VsIrH RudzuIVP/6+HuZJ4OTymbRWLi+/dGFF95tm3Gyv1o0uj5ZgLdalHkjNZva6D7DVZ 4icm0jXjtAHJbzIlNQ8172ussdAEFhvJlyxav86Ug90MZPvVvQ8S2ZyiY79JwYbS 2ggva36ojYQtBG9NM9LOOJOjeGdrEuwdD2j2Lk3J17jq2zMitK7bS5dVRqlHd5xn 5jqST1L0YPfeKKdCR482FwBIvlKV0DExrd71w2Jf0R/uy2Qw7/CuYi6IJ8MNUp9Z JH6BdrwgSV1tcVh9NGOsm9rZZGzHxiujiRFCTMXVuXdr+kvkq7GK8kmuQN26ALc= =15Co -----END PGP SIGNATURE-----