This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tendenci-13.0-wheezy-amd64-ovf.zip.sig gpg: Signature made Wed Oct 16 10:17:24 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ecd2533320b7bfbbeb9cf6de3bd991f853ed6cbc * md5sum b66d21081eed710dda132c389620d740 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmenAAoJEIXCXpWhbrlNo64IAMcR5hGd1NKXcK5YyxMWu7Uo dl3SUN4w7/Sh3ySJGMzOSGpjl5eGhpX2JrR6x1L76eGK3/efvYzkIBczEe+qn1DR hMy9FlHOvWBdJ/vhQJhf4qmVUj+FY9sSiDgh/D5/rv0JINBJgznLKEhiyBxckhUn DCF/UCRHYt3pvnXl+D2thwfjsvxX/P7mS6PuS4/akyZ8ydWOef4ujjymdUWLR1g6 EdQuM8pGH9nUQmm2C2ksP/t5ZXxFEjRJ9PvqawEIoFeLZ55TkbnlRcKoKzW4Ud5C PgaBrlq9j2cDdwvNOWuuid+PyYwHvAkzGshbDWLShdx16eCw1Bnk18wwB7F9/NY= =OEmI -----END PGP SIGNATURE-----