This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-b2evolution_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 12:31:58 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8d39281d23498b798008016d0432b50330f1fc3b * md5sum 201fb21c0fdbec10c182e5ac0612b50f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrd43AAoJEIXCXpWhbrlN/8QH/3gWRQAetZj0HeWf+v3weRoG zRSenaBFmO4kv6M8D+DkDX5Nm82hSLGEK65XZjzK3d275BTBjQUUVU8VxO14MFWR d9AghNA/1ZjU0+FdAmnP0flLrv59IDeVLDndtRnJ7sd/Hle2NplbheZbPhif/iqi Lca2MEXBzNKWQbm7VK6jgljdYEDZbOd4Ag0rMzxUldLoJDDdTyomhCtDZwB3MARS 8ieewMyhmPvg1v9HBq5C+txamy4OBhreZZ9C0dapj0uoegnOQX2wR3XFDVQcZ3H4 XY7wrwOy9tM9awHTnUeLXYjlmFjtODz1zgkMG341ZcNJujxWn2O0Dgky6Uq5o5E= =4rD/ -----END PGP SIGNATURE-----