This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-prestashop_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 09:59:57 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum da706298ffad533bf9d440210bde764988c5618e * md5sum 3bf4b87674a1a93157ad585fd48366e8 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmOWAAoJEIXCXpWhbrlNQXwIAKFlZxWja27OnEgFzV+DWnNN o6Tl8XJLZnN1RPk3JERnjmk1gLrPaUNelUjjGWA1JBtObbd+NkMsKhYG1anoDRP2 4/tdDvpRFXwlDky1F3hjHyb9fiHEBEvJZpO/ympUPaTZUM+ML51KtJt9fGsnGEbH RhLS5NQ6kWNKbg4ffeK01zFnrIgm1k9C89mFHHOyBcdO6CUXgleEQ/j01fzF/owh TQrZOvWnDtaYE/Qi3rvMy6i1o+p3qfQJUdJ4vZHUAMszuM/v64C6dpmSQLejqkbk 5BKaO0LnAc/KEBTol6nxXGMOa6IC8ml9CCFdv0nkE2hGZs8aCPRanfd8qOP37Lk= =NQoS -----END PGP SIGNATURE-----