This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-b2evolution-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 12:23:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 70bc958d5224463f410cd5db430b3c53fb3ae41b * md5sum e8df60a09c605dd0dc14fa541941da3c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrdw9AAoJEIXCXpWhbrlNWqgH/0JGo+0b/RRmmo7DAkzOCI6O Jd4ydhMntewLL5rKFabp5NiVpRHC1n7kuu21AdmigJtDbWkwlwBMHuYqfPXxzhFU GTV7X9NJyZSbqMS5Rjq6vH5M0RhRvUxgeNKI/dG4ZpMMdoIwLVTXG6sbKiQcT+V4 r4otDIr2tViCCltQEf8vsXe9lsjtfYlKkZEAHzyx9i6dOdEarH2YSXxo8TDVcg1s J58chX9SUO90e2JMq8NfjYM64HPUaIewNTUeGAxvGJDr7WEzkIRBmr/+z5fNbVDk 0LN3IszjE803ELpFZOib4qFGoKBI9Ma9b13ptAjON18MF50fbBHkikecTAhwAFQ= =wNSk -----END PGP SIGNATURE-----