This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-lapp_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 16:24:31 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6e91cca3d9b767cdf4f42fed033404e802ef4c08 * md5sum 736441178ea912cc684a67c3f0c89fcc You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWw5AAoJEIXCXpWhbrlNXc8IAODnLZ/nrfNuGb6k/uoacIjx yMEV6yAZk5NvKLDOrtAHhria0Qoe+6HJWnm0p/gg/sTfofPML7rLGXmawGVPN600 4RTvboUgd/KsSK7ob4Oq4Ijt2zQU8wDOj3pB1liu99vbXknTIlWf+xuWgXab64f2 zTKqedV0LkMLqXb32Rw9f91Vks0VAYiOOKvrOasPcGK+HKt2zdncQtyoAhoagazJ PMjElp+zG+Xb5LXxIAoCOQQG9GGT6XlBj18wgvNp6NVsCe/n3qNQQR25XZnibBY1 spbC6gkK/t79iBF9DT0rf4KFvo+R+yM6eyYbiJZBb10gOcyCB2q1cFCRtxmQbyU= =Pcmo -----END PGP SIGNATURE-----