This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-jenkins_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 13:44:05 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c6eba472a3188aa0854aff8205b9d14fb30ee0c2 * md5sum 62c7f0e91f0019ba633391d2578edb03 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRre8YAAoJEIXCXpWhbrlNLfgH/j0CPIBSh+syHnGTkN6lk8Cb B+6CHNkHS04xzKzWB89FcLzcC9kLmLTdfIiGuDg8Ai1tH833Cb5noeVNweuZRsfN oH+sjemM7oH3xSU0tCwzngEziDIoaJmG0MZRrNoeX7NuksSx0AVyxa1ea2mEiDqr SaGAMLQbZooqNlfh42khN0REgi/9zyrfQjubf6qhEauZFteMXTdT+BBh6sSZK80v 9cqYCHWs5gHpOvVX5d03GGkgKMIvGZHt9YHTpbVkTDMonAZAOtZwbomajiZRmhTd Zy7kEcTCy0YewklOq/QSdeXw4gF+a+YP10Upx5emVFbo2bU7oJ1jEYRZpmUc2CQ= =AcjB -----END PGP SIGNATURE-----