This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-vtiger-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 16:51:50 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5825d58822259a026717039eeb17cd0b429c9f8d * md5sum e3d3f0ac8f8e33103e3448d39c8aed0e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhsdAAoJEIXCXpWhbrlNNBUIALnMHEchrbP1vqCtvpPHEHzV MNJxSM3KvTohfq90st9+c8WMG1/ubDcLO2644DUmmB6oXi/95ZDfM/mTRfjDwcGE zdXFnSXp4vg91BSSVcFCgVtsXECoiu97P/ZxD7ExWVqd3qALmQGa+dd/ABTb4TEQ yJ5E6GoRKnTEibiZwGZCHOJiFBZ6pHlLqC6RErXeUM1irDUfLmS1fX6Wp0HWCSoR 2Tm2Oypc5knvLVEdn+OqpjLGzMFwtWvYDh+JdV1MiP82qL9yFZqG1HdK247doz58 5MNT4LwL6eLf3FOQot6TX60ZXFjVi4TmkCz79/ibhykfsue4NNdEUG5Gd3RK5GI= =d74y -----END PGP SIGNATURE-----