This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:31:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 10bcf3810c17436a0440f7d1f700fa68dbfe491a * md5sum 854c72d7fb269c0130bfa951dd5dab6e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3T3AAoJEIXCXpWhbrlN6ZAIAIMXFfAl6/73QGXcQZv2n48e 4fv0X1xmu52vBi21avXAzOcqhTObI2T0DKFuaAPU6Jl2ksSPLibUcHlyN8wUI5FV 9nND0oZkSoc3m0dpA85XHbsIvAuXYkx7cwhDsUcLcfc3CGZRzDulW/VqrsAagcz+ ZGloayLa6pwDtRS5xjLDOqV50bNK+Mfim3SM9MXkkV8rpGhgtQfMYizexTyhthq5 W1jypihVurXcudVJb6eX1n5FLGkWIWtcVq+OeM1BV+ciEVgGU0zFlrZ/nWG4VbhH uy8V4xRD+H2sswReaBCEL8vH8ZyuYxDc7muh8dymluXPFGX7afd1JSok14tPNpM= =vcUR -----END PGP SIGNATURE-----