This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sahana-eden-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 23:54:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 565b64f4a1c39551cb35891de9dfa3f4264e73ca * md5sum 75dfa0d85f78d4c2bdf405f084d0555c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrn4EAAoJEIXCXpWhbrlNYM8H/iO1gcLvKx4vl8K3RvDD+sdx EMfDUlI3FygNiN2iNYXFkRf49D+J9NPKSZFJvNPpx5fi9PhwQ+nYQLFBVsV2TqtP OHJqF4mz/rlGsmb6h/ujPg9WvacGwYnnfahq7Hy5QbBI/EgAl/nTeO8zVDcKm3eZ smSxXZLHR6KEFzxeE0GSfQOzRXZQhAr1+/pPrFf8GQ/l8XHT+Zr1YtAn/HYsTeG7 tsQ3bs6xWZWRA1wKe9QAa7lhZjdcfCowuq4KqECQE98fsAyxkR38nwugkbAr2pYF sdkkusyX4msLsGshjhTiQm/GKbKV1bokdNJlI963j+bpmoEel7wOvUq7btZdq50= =fGP5 -----END PGP SIGNATURE-----