This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-domain-controller-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 13:00:26 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 53b187805e9049c938a0e3395e92943a8cdfef34 * md5sum bd3c6fee561cc8d2bb8a85302edc52bb You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRreTfAAoJEIXCXpWhbrlNjXUIAKNrWoh3osDuT616CM20afYR ENCXE6i3AEjFh992YHMj5krQWcB5my8IHq9AycHq/UJGqSlYwiIsKoMxk7+J9uh5 WEIUVr+sqD16OdDdyelaADsuq+BU+Nk4cfa0JQkAD9Pvza8YgekVnQ+d1O2asCxS M3hZVDq5AKd/JCa3JFRr0D/jM1rlA0orjRfOYb0+ljmTfNHgG49eicTJiar3Bg3r 2X5OF17IsQrAVZYEvkFL1ckl07TAOMNZu1K0VwFCf4d84FnfQwIUy93fut3slfy7 X503QUuOeXR5XDCBD6wzNiMeXPXZ6f/uFqysMflA71j3eV0WvhgXb11/oe8lros= =W/yA -----END PGP SIGNATURE-----