This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-tkldev_13.0-1_i386.ova.sig gpg: Signature made Tue Oct 15 19:30:54 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0e63a88f6a5b12a8a75ffcff9eeb08b2074e4cdb * md5sum e11e98446e41b74340f7d6efc3532bc1 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXZfoAAoJEIXCXpWhbrlNsJQIAJSnOkX0H7AoRlEJ0E51aMI9 CwRa7ibe6E5amo0U2Q6/reGYQDBUJIUA1iXtd1cphKNpbT+Zq0+0l+JQVtdUoCLd FQdnNYx4dqoyVEIVKsbi9FH8XeibeHqaASf2AKtCgVgEZLnbx3/eiUD/ongzQgoy uai8tLn+nxqvGnIuo5rDVs+7p6JG0aV86yFvY19AXvG76LeHCZZf7fy4SJyDalGH CXTme3CRr8yCHrpDy12+sh8OzmThEQRf7m+/o4TPX37ZiuGtQZ//48gzgJzj7OLc WtCYs1z3H4s6wXGZGOyrbUpuAzu1hWAQTAmzpEirZ/rE8skUiPeEjP+vN2btuic= =SmZa -----END PGP SIGNATURE-----