This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-revision-control_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 10:08:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ed8f9dbe4bcfc2bd70d08848531fbb0bb40891df * md5sum 225d69c0ce7b639a0819ccb9d6d73e92 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmWLAAoJEIXCXpWhbrlN+cEH/RX3/AalRyoiTdrddO7E2NSE GlzICoeSQA2fjVmbanee+g/gdhJ1KZzxlT3flj1G0+Tu/DYyLVz+Rl/OIAH07CkI A3oFw/fCU2mIBr0t4e2wq+v4XwXlUwnPnics9oVjKT423d38WINKloe0n5T/+zJC 4cUlWMgMVnDuds30LTWUqHkZOPyjw49eRdEmGSCYDHgH4KH4YIkuHYShub8molVB ZUVvyKSM9YtrgxcjRGkAxvdt4eurgHfWJ3jNkN/y+3egI0eaiw3yVPzZBz/KtkV9 tvPmS9S5NxprMwmUgg6RuLYmteec3RHwXfMyjjqMxWwsqvj8R/24WqpG6ysa46E= =/fzq -----END PGP SIGNATURE-----