This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-12.1-squeeze-i386-xen.tar.bz2.sig gpg: Signature made Sun Jul 14 12:42:44 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5ad707350ad42a9fc124702f8bdd3e845947e9c3 * md5sum 980aadf10439035775430e6cb6427402 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJR4py7AAoJEIXCXpWhbrlN+QoH/A5OpPJn7vIvlp5fDh6tXSg0 vs1bnf5ksQ+82fHO6EtIEKKohiKEi/WAb2wZu6x40xJI9pFAdRq0F8JFrM/85OsV 6yWiBc3T2h4aI1sNha6aIRmKCALYxePXidywm4VLZw3MWWvIBg/Bm97JaTGm39Fe qffe1dNTeh85QlF3AkPbMlP9eTyFaI5TWoA+He/IMqQ987vWWYiXdi8UsQXXX9Bm gH3BzhzqNPxORjap2mQCuQ+x1OHjTxwrsHEEhTMuHF3yq0T1kIXj+/a/BiUp/v4b ZYcCDW29MdSuQZXR80+QPwIxRp72j3YYHw87G5/bBVOUexNDt1s9naltZMnenz8= =rKe1 -----END PGP SIGNATURE-----