This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mysql-12.1-squeeze-i386-ovf.zip.sig gpg: Signature made Tue Jun 4 22:25:27 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3c1a345b380a8e7a1922cf739ebfa65a80a4c76a * md5sum 0533935d36021ead6fa4fe9311890197 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmlLAAoJEIXCXpWhbrlN1uIH/1aOij3g5j8y8HyqMKctQ7fR ceEhaFncdZtYL1SdXsHUVKtPzlaSt3XXFdWj655LvNKI/JBLTazK0qpU0JMgNx1F 1uyvx6AmYNeDjTOBMwza1cDh2o4dciDKqsFiJ1UrDqN83iCrQ/qi+dj017lhg2Wq wyfIkSarE8pK6HQnOQZ6rHRosy3Z9tpO9112WYiBtYiyMKzcZTdNUpwGUetFWjtg Es8N49lwjYhW9Os1HFXfYP/2I+Pyzf2rV4ENAzW490TNGv1n2QQOSaSPyXuRMSEi UamvDIJPCU9nIpTFlFk3njx3C/8n9s+P/BgILOhqysFvIDH8+q/lF1lHKzN624s= =WFgS -----END PGP SIGNATURE-----