This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-moodle-13.0-wheezy-i386-ovf.zip.sig gpg: Signature made Tue Oct 15 17:02:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 35708f57014f1202f16bcca6d93b9066710ebb48 * md5sum b2790b2ca3b3346eb8815d8cdb9395c6 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXU2AAoJEIXCXpWhbrlN6BsIAJOlB7/GUDH7IWMvNp7IZrEf nuDLhM7ogBJfLgqdh2BBrujru/mN17Hr14iN2Vzqa6ONQPf7Q8Jlz+zcrODGdeFA Ye1+7iOgsZOWgNEzM+jvwBC7P+rZyGBrrtMLhv4Bfmf6dCOC6nUG1Byfeg9pj8NG zZ2mvuTX49SrOn8QwhdwNpq8Wb8dcYzjzkSdj/lyVB2SK3gL34ltqNYZ5RwSYF8I q3N40avOtt0pUU+BDMEHA2RP4vrUBaTkwzzLM4QR2yJ9Axkr90MgBQ9X15Xw4M82 GIm2XjsuiJKkzVSIgHw8GJtXeQEGjvHRab+lYCOUshXDC27327tt9ZzxrDEHT1Q= =6JiM -----END PGP SIGNATURE-----