This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 23:51:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e921a2136c9588bd2ce1a67507769e0536a1f2ef * md5sum f276c5d4c2ecf36d99a933885cd9ed00 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrn17AAoJEIXCXpWhbrlNMXAH/RtmDk7mh5yEQmd+NChwyPIn pBW0DRAm11hdgNJpYonaaVUChGgbxVacbC0paOz0JMyJG6Arr5ktDaJdSJSyV6MJ 6YIzuMV21EMPOrY/oIpysWflJLYfTW6rUP9Hw3yNYGuC9fO3AjTycQu2H6rRWXO1 E6QFJRWubhfC/5Kafn/DImM9aIe/fy7UtAdyhn4VX1XcCEvC7rjNE39/txRinUa5 8ipfap+n86FsJZiYaYLSsPjOxM79Uma/fC9ImloBn4orvmd6drxkXl6Y02FfeVt3 4ANiW4W8mknWU0Vpg0iaJuC9t/C7jUzPGgLf+2IxnOpEc3EQcpNsCqTYPe7W8Gk= =NlNJ -----END PGP SIGNATURE-----