This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-dokuwiki-13.0-wheezy-amd64-vmdk.zip.sig gpg: Signature made Wed Oct 16 08:10:53 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5645c3086937892598acaa48a2262a1e55019dd9 * md5sum d8e0c6565211567979c249c6d08b282b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXkoFAAoJEIXCXpWhbrlNa5sH/3tybNhw0K6+zJhAQHXOm03G 4lR/UWvPzQhIbLBlYyVghaUidzaGEJJZbjQH+3zlRQZUN3ec5xPRIRIRyZp+vkup U8SoW2ZJAfu0Y9wXtN7uh3xXvtU6nvVqbeggK5xrmwKXIj8h9demFuMQu5kLKUm5 N8UvGJl95PxbXWqesD6hCwl/m+TsYrpu+wcvui01Nd6hQo2ot2VO5Rtve9WyoLK7 ejpxFjaLRL14gZNUeKrHZbXiihTw8uLvBJehRio1EEslvXsARZQHDeTm41VI4HZQ PNaTs/M2LOg/zszAoo25+TgiCAx6L/LBa1FLe2Wfy3y/kp9PeJCu3Y2JfigNJz4= =p/Wt -----END PGP SIGNATURE-----