This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-prestashop-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 09:51:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum bfaf232a0925bf234d17e6e88c2c5315131d9f45 * md5sum ed965f8c1c276dd834b8926b3d5ed847 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmGnAAoJEIXCXpWhbrlN//oIAK7mzN0dgPzQrw2T/PjW7pqI 5pvEISvj1PEfL3BruywhledW57jHNg+t7eK40MemHNo8wctYyPEpHZ8c3YPAzs64 IUpudNCUXkStZuqSmChYw+Q97NsnOOz74ku75CQdaDz4dXnLmioI5zxMCzdxfwPz Tm6St+S8OcDpzkF5QUdQQoVCmHDvWTS6Pe/njZwRYo9KBHWthrfesJN4rIuCDCtj tZVDllFJnZokgEh9UWzGJvckG2Xn77PCeSE4N8Ddx8lTgIY3lTLaAaXXRlom88sL JArOhpNkxGdwdF4jVTspDwtJNfP2KoyB1sgI9eY1nxuStW7ni8C3Edl5u5pWsJw= =+tX9 -----END PGP SIGNATURE-----