This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-mongodb_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 17:09:04 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2ffdd3eda55dcc4438dacbe60f8c66b42b9c3b78 * md5sum 3ab13e069b6a9a894f7d69a71f52386c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXanAAoJEIXCXpWhbrlNRH0H/2hySuq7l40K79X0SPqOONcw 6haE7ZEhJvKIuoGeaAMMzu1XPKpInUh0jTjA4XTEQzI2feJAPP3LwpTBPwEDm4o5 WMRxfXMc0JhOD4HBOn2QB0q0MpqEWd2LbdGiRUgPA2t5kK8P8rtcICyQX5r6cq6X wMU0ErkcNTVYACevoon+QADixE0wcS2ykE9c7Z/R0qVacQu6Edify8Yji8zPF5p3 VsphXWu628ttxSSrMq96hlFX+9VNzGScBQio9v631vrlH49KomdRT44aVlzG2xXr Qzfkqh/vl2eU1MDAnJ5BLk4GElkqPmnT4XkuW5RNfksDqhvnDewG7GjmAL3CSf4= =UaUx -----END PGP SIGNATURE-----