This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-roundup-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 16:09:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2fe2b94c54ef760df68290d258f20e7493faa234 * md5sum b2378bca5f4ed6c442b41b701c1f8b22 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhEgAAoJEIXCXpWhbrlNXioIAK1e0BtcgYcwNdupzjykO1sn i0F+ek07HKZLm+WxAK+Oth5XHQuLvwBBKHr6fhRBayE8jGcP+mb9v/8RUt7asrFj Id0oQlw65JijGu07rpGYcvvOl9vynUozQss+SGcfrzfn2Xh9oJQWizig6QB2BJkx rnl+RvRxWfJKm6jOiOEmPP3TxP9c3mimyQePLGb2n2+QAxjzIXNZXxeDVbCHhRKN Z6QOwJsca+Yd94x57uLGItSyxcbuj/jNAdXYG9zkVw9o8YWD8DCh/sF9Q5wHxoAU 0sVVB2ZpSuPtYuHKRCyD3UPIHadhGSZklih2taV/75Pysv0eQym0EpTs4Z3l1jU= =9WQD -----END PGP SIGNATURE-----