This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-13.0-wheezy-i386-ovf.zip.sig gpg: Signature made Tue Oct 15 18:30:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c461c811745fcc2fc95c21657e3c8ba5920d4d50 * md5sum 82a9f455fbec9b6dd3d7a3970f242a39 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXYmcAAoJEIXCXpWhbrlNkG8H/iCsFvA0Sa8lMV4W0X9H0zAZ NNxtUalM2RhZgPu7Ao8gms5aCLRRB42GcNABVBhVsg+PXul5v39bgNd9avoo9nK4 FKg5iXwJ+8sDe/nz4JYkuSZLbPD1Kp6tS5Ar/3j255YgzbZ23AnpTNPHT0Qyi0qh FmCsHTjnk1we5ltjpls1Tu7pVmHGWiP84vVcb51T8ItM5w3/IoVxOKRP+VO0TH84 UL/B6sOvlkgeXoL7pAXh1qNxAil5PKvV0Ku4dk8XVj97zWt3JNdBsmkzezcJ1EPs oi1xJhPKYN3nWxnRUTe36xA8r78lFqbwbKl/ORSmUb4/DNB14h1NawWQXOMUW94= =uHJ1 -----END PGP SIGNATURE-----