This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-13.0-wheezy-i386-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:50:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 316ea0301fba0d085aa302e632d6aa33a686c07a * md5sum d97bc16dba2886d6a4ca99353b9b53aa You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3lqAAoJEIXCXpWhbrlNIvgH/2HTw4JEIs5zbxXnd2Jc7YTe /z3/uX5m+Q/d9pqBTfn+o6bZwnwsJ8yzsc1zJ/ANkg6UMctgU/lA9qDMWaA3ojIL Urb57sKIrBOdkiWX3arQYh8faYnG6L1/wQIsmmnbKsJB3JOD244Ixd3hP60PIDGx yH0yzH2C5dKnFiiPBGPbnWbCAP7Z99qgzMSG1ttH7bBkh0TFI+Lz2dYNVDTWBDp7 GmUlH3S7uulyCl5BU+E2lMvFSXLtaLQuuYbvzC1XmYJRy/TJNdxDv4Q+lcIGe1ks GffrHSamgZ/eW0Rd57yV8lLLFmoXwwx5FgBtyP8HnIC9tIOJNaRmz1tdoPck9CM= =EDea -----END PGP SIGNATURE-----