This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpbb-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 15:14:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6dbd4adb504aad76badca9ab51ca04e0a19b04a4 * md5sum 3fe936cf8015db829a41fb8aaee4440c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgRCAAoJEIXCXpWhbrlNyZAIANmrJBSOEkW1WWpZ6NR1zsy5 JU+Wp/lFLV5c+CtaISROcHolKbjhKB2mMH72vYlQ3KcdSWtzeKCvIO3xTR/6yTgx i7sWQ2NcJAyJacSWhL0dTCHmjnmGhQFudJBK84raFKKVslvg9jWSP3QUoSllRw4P OQPoixGKv1wahQIcuCy7znddnW4h5KjIAIY2ggGFBPlRXE24z6mYso5HBdaWVzZ1 fbcxGk5mpRoPo+T0CryA/Yc6Gp1Hf2SZtyjO3F7b/v95Z61mrqk7Euo5Lu9yLi5u BKzz65YtHOocyxKEaip6pOs1IlI9Qw1fjqms3SGQgGRuOYL1etnVMB6EHg0qmWQ= =Fs6U -----END PGP SIGNATURE-----