This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-limesurvey-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 08:51:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3287e8f8298296c63efba03b2ae24b313a8aef93 * md5sum 7bf7036babe6a5d71749f47891a6ad17 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXlNpAAoJEIXCXpWhbrlNtswH/0wun+EWEaT5CT7eX80Z509z btaK29CaA2NiaTlwP6ieDwqXa3nfGnk3X/xlvGYVQmSIY0urmCEYvPUthvnD8Ncl ttR6HD/3NB+nBbk0lkMMgGiKuMdSUfb4efhgxPu5VeaSE1g2RlmBDSDjww4wPcYp kJH90iu+iv1uxaYnD355A4T1GOxWdEpcOTiVUrHbMAyLZt8uoujLCkkxQHQMBtGU Dw4oNnQs3OziPBe0pdMJV6kpCH7yVVEuRjHgwjw1oS4q3W8UtxTorM3iLNRHSn8h ydzp+WmLgP7TrrFu1QT47cTfoCRsCXOypJREgrvSHXOraIg0Uf39lFcFXii2Kf8= =M4y1 -----END PGP SIGNATURE-----