This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 14:24:49 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 82dd994baa2d29a18e3a77ae274ac2f438b37feb * md5sum a79b7e758b1e869daf1f8aa312380a1e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfipAAoJEIXCXpWhbrlNmYsH/3cyQUYdPLSHZSx6nzvnuonO QPsn1PZP3a6UFCs/2b4yYp8sN/jFbNuMd7dfWkNFZP2bvJG0Cwl7nBV8BEJ8q8TA NrHI5qWpH7gVTe3JmOwfWtWnLagPA2xENnndJFh+sh5FlLbs+tgPCcnP+Fy3tKZO A/+UBDC1DaTxg2L2tUz5FbOhIcyV0PIqAoQ/QSj+lPLqwD5Mc6Zeum49X3CJSJHD k3J7toTNPdHpCAc55yfmb6w1jdf+cY6v4W6PIDIJQpfpdOj3e0W53fELcsypkn4D +nGKjbPV3Jp0aB5Hf1sSz76FyAkLXBcaYwm45qffveCHcVoOiF6s/ARGdSCi72I= =oH+6 -----END PGP SIGNATURE-----