This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-prestashop-13.0-wheezy-i386-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:36:44 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum acc324a30a10caefbe6538e5c166800cc9bfc671 * md5sum e855578a9b65cede3d2564398eef0709 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3YkAAoJEIXCXpWhbrlNHf0IAIZe8tdqcmoHNGltndv+cmjq p9XJX/RiNJUDC/pXvv3RQEALUYFOszUF21tKnoEtK/70KrxLTh8y8XJU8xtdBmFT 8WAqhdS7q6VLR2rlTLxw+SWdGd1aop1S3y6i75ACJaGZONnOBnZbUqeQ2FG0sxPZ sSZGCIpU3SwT0kHqeLmfAAQr35Mz/f/berpa5XfV7Ejy4Xd8O7beua2yWXIaE37J Vrd7BRD22tx7CNXm87m8ozhuRLEEaUBFHSXcCgN2UPupLFnT+O10jkiOCoMxpuqc 8zNTO6CgevyIAIwt09ssOL2pXBLfXw4nmX94PKkxNgUW2UYENuDuo/HXfjY4XQ8= =1X1k -----END PGP SIGNATURE-----