This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 14:11:02 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e9bd1f8a8be07253fd5923b393c05acc20ae3035 * md5sum cfa4b4a2324e387fd74cc0011b99ae47 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfVtAAoJEIXCXpWhbrlNKxIH/1d4NSp15l6x8BuN/NMcSL1G W89Kez71UB6DMo/bdfPSYiMY7trY1JjKMZRKLZAtAPCibdID3GqwLQSZifvTX29L BZHymgQYRA0SGF0qiAaXjMvG6qQq7wpzk1ya/bukZBPJgtCIk0zdRpSIlBOwWhAJ 3yDQwMnHzBcJs4egZhTXyVN3sUKBkesaU10CbToSz6CUJEwA8ic++f63vOVVMfMv qFSa9bRx9Fq9FUow4p5RLQo2IPcjhCU1aSld2Axtl8P4hyIprNsPIO8l9fxuGz6o RuZx/6bSwHZbbeeYvnZ7P+LstbU4oj22I7g3e/sZi8hiY8GkpFlOnfL53DhkcVk= =iCcD -----END PGP SIGNATURE-----