This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpbb-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 14:59:31 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4a61067d3a56283897ebfdf7a50b3bd72c4f71b8 * md5sum 317c6ff6ed9c43237cb0aa2f96cf8b69 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgDJAAoJEIXCXpWhbrlNIDsH/3fzyNBxD4tpCmOMDKw1Iqbf FdaOlcch55yRM4lHMO1LdcPibasxoNvWbAQSd3mOm+f5QxgS7fjivZBolQYBWsLR IyC7BLQA7QwJsnzoo6jcReRqxFO25+GqOLtnTpQFZI/wEbNasYzN0q+LzItf7jvG eDLKHOuUn1opSFJoSKVilwmVMoUfIXvz2wOtri2b/UH02buUcgsAC/KYcvuoFYGQ jzIaKPQLIOUHax2hkyMUu0QBfKmdu+QbSNCj4xpZIJwVOXJqKycBPaZfNV240Ba4 FlKxo7U6GEm3prG9ylcNDawHCfizFtLhrvo/+ZiFJvnMttcEJR36WsrAMHjbSbg= =3ZiL -----END PGP SIGNATURE-----