This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-concrete5-12.1-squeeze-amd64-vmdk.zip.sig
      gpg: Signature made Tue Jun  4 12:47:56 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  0f7900f277ba009d1fa43b0c70a0bf9740d95c58
    * md5sum   15244505086afb9f15768413d6b0b841

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRreH0AAoJEIXCXpWhbrlNG0MH/jOEJYxaYSbcnPaQpvlDDGOa
nLAyCQVDrsCjr/cWum7cN60fo6OdqLaOo8gZKCvyxpkHbiWUBe/dhiA5Za+ONQSQ
+TQJVDUyEfZejm8fj5NcW6QRPZQww5q1SG5eNfe5WBaRBJgHh8znTM7R4XiNidvu
fVhmVe45mf68Sm8eQRcZeJaGRV43/hAW8YFzcCBaOY1pxVzf5cr63o40Y3LV2eQ/
kCIpGBXYIVU+qRMmYSBIK95nT7iHjZFAxxMeWMbvYcXXXPr4JZHiz7Nw3jWHPyGS
eXO9UfBtbQRVzWFYKJ4487447Duvs4hcDx7zf1k9WmqpkT0+ACl4X43O89l3dDw=
=3gm0
-----END PGP SIGNATURE-----