This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-lapp_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 13:50:53 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 66045a97e4d672dfec6be9a1db2ae565a95d2afe * md5sum 215df065a7610a16efb77225bdd6ef69 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfC4AAoJEIXCXpWhbrlNA9AH/jTTWsAxXs3gpGSoYUlxV1ba bPYAv1xLpOJeFDh18dNSSzR9yWNVLSGsR3wKKGaA7tNZ+X+Hh9u5I53KIADjMdHx 7RUXi4t9yZA2ZWkVhSIwyohCgAem3dvYyAScf/uApjKcijDPxPmwU/4wVn5voxij hFPzM0eT7Do1oqjUn42iCgksDH0QjiB0iMc/+tdveTv2RDyhrgWBKR6HpYs4JPqu wMjhQp4AyMGGp2JAusLvEhH7m0/qkUaq3v9lcvOpc/YrEPX8Lk9HdYSgjSlqSVQb 490Qc8tJ+I/7wDjSzE7Ab/kAfKMVenJ8UBNMNmbpjiG4OfqzWLkMnXAKwF/d3oI= =jWae -----END PGP SIGNATURE-----