This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sencha-12.1-squeeze-i386-xen.tar.bz2.sig gpg: Signature made Wed Jun 5 07:57:33 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 24ca74b0c729fa08ed5cf1c873a6178f2bcc83a0 * md5sum 22e2f8438174f5c4bc121ef5c413d4b7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRru9YAAoJEIXCXpWhbrlND7cIAOrwCGQ5Sm0w8v0lYsDFDKnd CuYGOOVz5uQPrI+YRyK7OajfrX7BKfqhnxZA+pg2aTy5QSteW+rIon2UJ7AM+W0l a0a6x4S/4TCQ24LdaSvy1V6f4sVPUmedVhRPJaarPdU60f+fgk2PAwTbToDqCx9s TAtRlOhSY8yeJNKaAJaWIQ6dnLSIZjFyXqZw8ehpwpB7+0l9mJ9dUYz71Jd/nn0w a97W0MugakPty6pA1whGoSXhC2U7ffXa7iDvULYZB4y8mnNJ40PNNkUcsapft9wi /S0lOVW6YdnZ2VoDn3fdHLSufn0QR7zxOBFTQSkvMEdPdqmHgBu7pCW7Z4OBFzg= =9Rjz -----END PGP SIGNATURE-----