This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phreedom-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 23:11:21 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 49981a32abd5ebfbf438c47e4502a6ec4ed224ec * md5sum 008851241fb7d4a533cb961f448bc574 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnQNAAoJEIXCXpWhbrlNFJsH/iktJfr4zTzaSZgNXmfXhb62 FIGPWXDW4wNn+lgY8gl1ALYYzT4Hz14iHPAS5ou21u2coNuJdC+fPkkc6yjFUJJb NZMpTOdrrso65or5tRvFi6ljMwHkOcgwPSQOTWPmqn9Q85m+Yt1y0IQZnoVKOeBn p9MGVuOVeuJNVzJlijgsxpz+Ixn3Vo3icbJS6JylX3ib6ADQmkJ3EGC8xnJfeSeA RbmxqgsHSTzODVNMCxZaNpoUSapuW0z5oa65qzDHuBWsLhNOkEN4zD853EpkONez p4qIdcXd4pp5AyofAOB0cKNtGbuDPI+idYhg4+osDYlz3gR/U24hWmr6M0xR3fM= =l7M+ -----END PGP SIGNATURE-----