This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-openldap_12.0-1_i386.tar.gz.sig gpg: Signature made Tue Aug 21 14:23:04 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 6262d89c5de15254089a0fc5df786dc9cf115338 * md5sum 7c613affa7b0e9ac2265b7431629c082 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM5nCAAoJEIXCXpWhbrlNPvQH/AyvwCnE5tjeeI2nxuBXqbqe gHqKQp6+zqfZtXKSuHuA53Sk8fOd2PvqgmVxGG9LHlCV/cZT6SFkVdNSs965+6KF azvTrkvVI+qGXBeSVPl3U5Nz+4FXaeI9jrF+16DmIUna0aT/ml4hshC9NJEao+lz y8Ys6EiNFajNcZQ+Rd4PibxAvWh/advkOmXngFUAxFwYYUcGTBg5T03J6fAkvhMl 0LpLkrSY6CkAkDVer55F7hFSRA/YtuJllA7108Ek7JOfWQwwADU7wWl6XGPBhRKx dc/L3i5nt1owy/3p6cSjMsA4rb2Q2lvgh/KhjoecTkq40k4JVxlEmKY4lkymXrg= =+CwS -----END PGP SIGNATURE-----