This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 09:14:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2077e2f479441d6cb1ab789b81cdce45577b6a07 * md5sum b5a1d2fbbec7eb6bc9e7b91a8bf16729 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXlj4AAoJEIXCXpWhbrlNWjUIALdSKlwUAE5vM7yr3T4DnfJN ffZ64U/hs6REG+b8oZ/t0EIbQ/x3AIE4hfdQ5F6uuIub48WRdPZXdv5bGak8RDpP zMEhUGocKnDX5JBSYN6tgqLxqcfjilhZPx65HPNb2YIyTTcKycgVzKYHX5gy8UCI Ibjh6qPb1L1LfhKpP6acUPGP5ctMEySwmnJOKm6qfAZ1Iu6lPsoIoIy7+iF0WMPu CrVw0mM+6KAC7PLy85jVXab6XuMLYfPTDK+BIbRy4ZkLlWipKQP7DKOJcrDEpnkw TNQbieRJjM3NagV7YmEYmau0aTv1r+XTY1bcFVaP6c4uH/ydKy6+o8LHRoMXy8g= =ZjDp -----END PGP SIGNATURE-----