This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:11:32 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 95a3306cfb0235fa90dbb0511fbefcee24ea84c8 * md5sum 572b2b3a5e5e0848ec2bb4ecbddff4a2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3A8AAoJEIXCXpWhbrlNO5cIAOvz8KdAOBPY5ErNFFqRV72N O61nWe6htkwYWKKjmfawaZS1eCz7y5+Qm/0+NfaHk0RCVs7RNZxIf0RFMC+4UEb0 3YwG5iiy170lzxm1TQIIeE8UDezu3hc8D+oCLUr7bsBQYIgi74nR/UOVS01XZRuP ooU5KTa6png68SXiQHLLxB3F6b3twV55dYz0Ry4vFkyF7cVCyj24v/qwk3pG5J3s +J4SCwIpNTricn5WefsJ3h/m2iX4CURdNX4bc6oeW0kU1KZCZy2Ny8L1Gzn/75QM 17L2F8lQSu86B7kRqlsfWv0zFFADtk8eDYtdCRCzp+d8hIES5d0Br3hfmErX6S8= =5xKF -----END PGP SIGNATURE-----