This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-etherpad-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 21:04:15 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum f1d4423e580634c611ae07896422b9fa1c7c7326 * md5sum 7f0c26335e8dfc2d10b77a6cc1b97892 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrlY9AAoJEIXCXpWhbrlNLR8H/2VLY5hW+5VICtvul/r9OIW6 6xsNZoR+A4Pfg+0dY2dkylG0KiSBy9caYsrapjoRW00Gcb/GdXqByYyNf4eVToCW VX6GdFIeOUWYPlKXJIwQMqEmXMK5wAMTHiu2YbMbUfDit6ViK+wfSYcXVTN8HMOi nuNZUw9+/mbYW55OmgaCAPbOy68UgXUqB//P0ulESHJnQ4E0V+H4O4DOb2B7jkoU 08wS/wjy5eJsPKGUM0+SqTj+ISBAtumyXagoAEoRnTjkJb0aILp2KBOSawr7EMUz G1dQ82TWmQ25MT6YO0+kL0BtvCyWRFDi0ztSFM9iIxbF7hvWVgGIvgrQR5vHpi4= =WOxM -----END PGP SIGNATURE-----