This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mysql-12.0-squeeze-x86-ovf.zip.sig gpg: Signature made Tue Aug 21 12:01:22 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum fc9ba5cc6e1b03bd99e61be863dd088de93c81b0 * md5sum 54e6d56461baae33ccb4fa21709e4b3f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM3iGAAoJEIXCXpWhbrlNaOIH/3iqR/elHtNioiV+nLaIC982 xWtIl1iNk77CoQfEtRNQqH1BXYcqiz7seOFgBpyu5SDpQnYOX/b2+HUWR+Ztp8Fx S6TdpBqzK95eMYZ8XczzWdhp3bdxfqrx0tIXGWx0Hw7+fbZEzUMCoir6CZ5g55Gy ROtymftjElJ3PNIwmaLIY60eHpQ8HzDLTExjDJ+brlpC8F2TiGn5t9I/R87Xe6sA byu4w6PtQ6Vw2b6WPd8cgunoen2pTdzyUkxyxoLFdEvUjShkGjZatJjjjANszpIV TTCPnxe9vJlxV1ZnQMysmcEVjvvuxoVFf4AN3lC85oXxUkxiqXmWc/7vRKJC2ms= =1M2J -----END PGP SIGNATURE-----