This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-12.1-squeeze-i386-vmdk.zip.sig gpg: Signature made Tue Jun 4 21:57:24 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3e16cb8d4d1d8d6c3c016c061ab38908e7eff33b * md5sum da8d2844b8bdbfc867cecc8dc9ccfc62 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmK3AAoJEIXCXpWhbrlNZy4H/3jUCRAWOn74V3Hef5Fdl7tB 97t7VJuJ2XcL+kRNkK1tbG/q8rUiiIEoaWeBieDMAEXH4sWke/oTPNb5rkV40UOZ QCy0s/2kIJm6q+yAxb5NXKl5VVdMv6f03DNvLlYzu4TSSrz30chWY6zzl04qNDrl Dn3ttVx2V9ifgWwVrvkXXV0V/7SykeRWah0pqZaywok+UjurycKCJiITWIoW0bS+ 0ErNMlBUug7z3cDg2ZlXg+vfY4/zxANifFA6d15shQikm29Y+h7D6hzr/x2nCdns v4s+mK49++2dkee9HfERMrWl2fMIlLR7diRQvP5BpMVWKRCiLbLUeM1gFw6vduE= =xgNC -----END PGP SIGNATURE-----