This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 10:00:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e2ddb70faaa3173456a2a28bcd0625784071c7ee * md5sum 8d7c8257697bb4e8fbae3e21ac25ef60 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmPAAAoJEIXCXpWhbrlN2PQIAIGm4Oh0FMQbSJSMc9+VMczG ci/uQPff3leDJ8blRaB/e4nOzTnYV5pOmUrSM6v8d8OfmUvxnHg76pbOHEZFnrc3 qqJUrAmvfCzNMZU9bkNlwrZ/GGRO/utOTv3QpzRNHCY3MpPa6vcZzVJ0bdgXTqg2 uHLcIE73q4MgiXPw3lDbnMKbuHa7GgwsbSqm4JrP6JOop8CRPJlt/FOkkYBxYk9P JkVcXhQ2v7a/d/qPo6M30qqut873W14Yq2gyFpF60LsIgezIdI7YzXvJLHYZ2Q5A LKCkawv3U0NtPf1yhop0bL665ujOoTIG8uEC331qyZyW01Aqo90ObIKjSyOIq0A= =y11Q -----END PGP SIGNATURE-----