This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-moodle-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 14:33:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 78c1f7fdb3a914fa0ee028b478a15058aa9cc777 * md5sum a2cda28d6f55e066126533f0515d04d7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfq+AAoJEIXCXpWhbrlNjJYIAKilxJlWcAim4K0SCZ3P/Kqd Cj+dwD2DXkaI6dnbavy+3YnFFAA+5kYDnKON467YYagQBvWATSpcu7xlA51NTDHB CxCEGShbApSDlBDX2bqUyegXgSmrqPTmQdeVQ/CNwwB6jZQE9Qs4DOKNAVBtrwDY P/mYeXu7HcdXIIj+Lw5JX0S8oc2+heXhzEYdnro7f95Ii6jZ1GvsijbT1o18jGtQ QUnAqhnJK8kHp1R4Z5IY9R8SpxQl0UA2A9jUByeH4XG1xk1hezI1lHJniglPxcDV qtiPX6XURCo7JXSKB7DnTnLmvcb408dFC4rZCZVjI8s8ofOv7gPc166GtJcY7tU= =J4Dm -----END PGP SIGNATURE-----