This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-twiki-12.1-squeeze-amd64-vmdk.zip.sig gpg: Signature made Tue Jun 4 16:36:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c407b2fa07e3081e7939c74a03f7dda777f5312e * md5sum d08634f5f7e9ccb37cb08c0afdc1cfbc You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrheTAAoJEIXCXpWhbrlNdw8H/3usgecMsxBLo0OvOPjPweq8 COG5EwGtTf7+ALVIALL53YNIcj/+hqRU4llSIXcAFsRST5E28nQTZ0N0mdBygeI4 /XSwGuxS6GK+JrN/yJmcNsa9skjVnKYnlsOWUe7+cvPP88Y4+nyZ15ESwaid/Sbh 6VZ9mxj0D47OfT2DB/tc2185dZuMqQlGuKi3HCYV2hMz+YL/yJxaMtYi93J41znI hJiWIXYRnfS9Z6DdnRDTTRe1tBDJjxcfYUeCpN0IGDCoe60iw5P/sAYXVOTN4aNF 7hnMrBlKmheeNeMZWB8XHlZinvBUoXFv6LzRtl7LrRcRrtFaKIoEeF6nKYhzgKA= =MVao -----END PGP SIGNATURE-----