This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-pligg_13.0-1_amd64.ova.sig gpg: Signature made Wed Oct 16 09:53:24 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 02088a03dbc4ebe51959b5753c3b587bf4a79fa5 * md5sum 3bbc33f34f4c41d25cb12a975600ebb7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmINAAoJEIXCXpWhbrlNwqIIAJjWMWlYsQrYAoDSR29a1Pvb MGrrwETU2HP8MiIFugNd8byPCy6uZs9FrjKv1Vw/In/1byLOnFzyVsfB1Lh4yYHL 88Jrj5vSw39gke9pmcHzINpvcZz7xwlZx/xkV8cq0EaHu4NL2OXLwJnlDtX8nq7E nXNIqzDjtXiD5uGCrM2+rGC6qmgqn7cO8Zh0bnfrDkbKg4kv8q3F5jN5KntZ42ZN SYZhz5j36V2pE/PJ6xJ2pOFLy9paF5jwTP4m6sA5N9BWf2mWRtNfbB5dOEgfTpUd uIZ2rh4T/Hf1sFWU4BSiPw1K54RvK9FZg2jF0AmDRtJa9acvyRSeJF/w1p0/9Lo= =U2Cl -----END PGP SIGNATURE-----