This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simpleinvoices-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:34:25 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ce8ccabf173ccc1997ff4d72e080e0708baaf3bf * md5sum 94b6b81cea999406b7e02471d2753724 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3WaAAoJEIXCXpWhbrlNgjEIAMGD7gir/ITWAVyc3PRW9g/v fmYtS6gN1wAgWIyW5k16eq9G/s5ajLwGmLGx7wHh67q0c8ll2ElPlnTLI/yifWzf 6qDzCi/m+9S17oxUpJbLbWG9cZ14wqsGy+I66GYiVjiRlbD8GszHZ38PdmHlehzC c8YqKcmsrYldohn1N4eZGqY3kkZ3odDU0A5kHyM0H4KHIyJOmEKLEfw4TiYnxtUS btJ37iMr4omgyv0XIXb4be39tMjCAII5u3WnxKbobsGpCRXLQGZj8lS7s8dcHxMQ SygHF8aDBgT7mbua1mev7epg5e8kaPUm0OuKcoGG1Um0y8rsy51nP4Gc2ehnjI4= =AsDq -----END PGP SIGNATURE-----