This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-nodejs_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 17:14:57 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 720835a4784da626d37b4d55b3afc4bfe753eda1 * md5sum ca04a170f3a708fe3abee56612ed93e3 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXgKAAoJEIXCXpWhbrlNHdkH/0EqcYRnOMPFIBp4xwi9RewO 11jXrTBCV71Hl0Yx0izy+/DeShqvXXP+uWXtyUz0vUnSw4h0V0J3DiftklhVARv9 VtJ5Yw3SGOMMLmTI8sVbzw0GC1o+SXaQ2WMy5IyqR/3M6TdwpPrGWWkJEBJxUMRG HwG+fsdUmNoZcojeQT+Y7MvkwBQByN/kZCHHedelRX8SC0m4YeNOd9YXeKYVOxEF u3KxdeCnQsstnGXiqs/bvwnfy2C5jCmRlkUWGen2xYlrD6apvwEnwGV6vZc3UopJ ToGuE6GjPikoQ611IYDv/sj/lZaIv1rf2WgVyjkV53x5jAU0wc0PcK2vfqd5RFI= =7YHF -----END PGP SIGNATURE-----