This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-fileserver-12.0-squeeze-x86-xen.tar.bz2.sig gpg: Signature made Tue Aug 21 15:40:01 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum da5a77005a481f1beb65bc0cdb0f613fb66e198a * md5sum b68d21e2c6a65d050241978f5fc2959f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM6vIAAoJEIXCXpWhbrlNQ/8IAOFZf240JZWtVi21Xpo732b+ YrkwPdnJS/GaWS7A7S23ejpQBlVipGTjNIOhp57IeFiNBz2CY2COtISpiJL9dh0N 0kJzB6B9ZTL9dXJY3rPa2y+3jaldiFWOmfpwNvEwM2JAh8WMWW0dwfAKSu6mkSDk fup2adoW2BI2sVbvePzTX1j/s7PQcLnCof4BhSG/G4TaR0EIc9b2I0lxRhcUqdgq tM+DKzrFp1yltUrmQr2ivHd5u8Vbf864aj9TMKyZLgz043Za3uEZkPLr1/LTGlXy xSQs+VeTZEidY43lMZ/6IOl2N7oKqBqJ4zoNVvYW29ZnS1KnNypL0YTSlsjWEZA= =A3lR -----END PGP SIGNATURE-----