This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key <release@turnkeylinux.com> $ gpg --verify debian-7-turnkey-projectpier_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 09:59:38 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 62701684a45ec69bd270981f83b27b9933efa661 * md5sum bc23a5610221845933b12d07b207882d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmODAAoJEIXCXpWhbrlNwoIH/190/dxzAYOeaV7RrusBG5ED FhJFXz5uPD+SlYenGbIEbFZpde0zpvm/AMYpqfR2Id9KwRjqK32GC+HuAyGYV+1i +0AsNfkIvy8oJ2EZTZpEQyiK4f1tX/53hpPcuuKjm9vipMTUMQClLcJx/ZU16xHT l7ePGp3TgjSkaY47bcbDyez8AnuA2Fs4relg7sFxd1BHDTNAGx65MbeLklY+Ah7C K33GFOUxwgm2/unW/2kkbz1zzSm6/FDCR2iWmj25FC51upXPOD6VfvfLi8Tqi6Ju xSSPWL145f92BktQ7EUyfAV+PurQRphjQg71rZ+ZWnv8xLsPPVhF2LVbBX2gTGA= =2ufo -----END PGP SIGNATURE-----