This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-openvpn_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 17:31:34 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 971b8bc51b0ff3943eef1e312e8f7f1126ffb7d5 * md5sum 9a32bb07eb7c7e134d9b6b6ba2e2b0f0 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXvyAAoJEIXCXpWhbrlNaA8H/2mVKhU7fsGODwbUC8rRaAQt G3V1fpQ27g0vHivCxJFtKUDSynqZEdV13daRpaV64WH5BsLb7Fk1zfvs9F2pmqxV O4YeOMTo5gSLb5UFYPMGkZBAicuSPXvxjvPbAf47gP7XapIcN46wE7m1vyp1lODz e1NH0Y0ZWXvjZrNOKJLnBud4Mu0Hf55XABnDwasq4zqX/uFiWjis3yGWjEVrM8Tm rUbBwiMOkfi2cQDFKwtKZMcQI+XF0DUmsWDlKrq+L8z4IardaMDDgI/+hakabm29 Xhoh4+LDwkKdSes5o94elOfFv/2YlIT93qygoL7KAJW/cOXchR29secj2faS2sU= =2m3g -----END PGP SIGNATURE-----