This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tendenci-13.0-wheezy-i386-ovf.zip.sig gpg: Signature made Tue Oct 15 19:10:01 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1e5379e95807d7c3fe9c959976a1471ad469b560 * md5sum 834ea8dfceba64c2b08e393aecba06d8 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXZL6AAoJEIXCXpWhbrlN59kH/08/dNyiL5FvDGA/fNZMJc2L KsaUUtT15Q3JH4hnaOsyDtMUlMxQ4C0o8TyUajmbSaKkWzFh97Q1WmZugaT80CX/ eABz7x+CtOxaICIrKPf5v6aaAbfZFvwj6Hzs0OrgRhkH2QxYT8OS5uuuWaK/wwT4 nBnzH0hGalk9uxj8q1uuEwBv4BXEoofsufg6yHwGVyrgoPrGu2hlDhSn5DVYV+yA wi8WY0mBVVZ+rYP0ffqLl6nXaGnmw9ajCutq2l5N7vXHF5dF/FueDd43KrqZbwLr HazkRSkIRdm8hACV/MeqHRD/i5isO9f1LM9C8BWOqBQNY4BpsPtne33vIbWiO0s= =rqW4 -----END PGP SIGNATURE-----