This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openphoto-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 15:07:35 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum de9913cb0a19de4de4601a768377c881c14b55ef * md5sum a638e76b7946954a3f63915188093d27 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgKvAAoJEIXCXpWhbrlNAakH+QGKVAP7yStP75KoI8deEOwz sgSxDFP2TlY7Wr8c6XhgHhoYC1JFbGshOeg25UFgcL9nb9k5D145TOHfOv8eRz+e cYfR9zlLOOanEqeEf74uw0/yYH7MX272Dz0klVGmJnGmbiPsvajLVH6YIkaLCgP7 rgAwXvtFQNueayOSHF60N3e+2HEyGAl1nntxSXQJUDM7WQEvkUVetS6Ixs5oEn05 AIBJ5ExptLs+lB0xkPIee1/hioSlgLCqljNNF7Ci0oUwzJJksSBE+E07XsIanTF+ yFkaTFq7z1/jQokbzg7o1g7hfqsuAQqAIz0hIdN7HnxhRgIefoFhrsJWimdrsSA= =SmnE -----END PGP SIGNATURE-----