This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-vanilla_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:51:27 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0469889768418b412fc4c83a863ea4028e76a8dc * md5sum f6acb24a8310a3995a2ce2c8755eb01c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhsIAAoJEIXCXpWhbrlN37UIAK4Tpjrx0GYBIyMlUhWAENkt b6aDwUvIqbA5E8ygw/MdiQgUU9CnfcUp3ZAwFG+voKxEdIO1K00rFpV0Vf0KjWbS zZ6WLMYA+7LArgKAtmJO+kjg1VUOqxiJEXzcVa/0cwdJZTwitTIb6vqxCpV2xUAH 65fcDya0Os/dm6MYovpQH37676+sOu0X7N0GVZvrGPDBN7TpbL4fjEA452c++Vj6 JTfXLunuNpRCJl6DD8EP3y62fxi3jub+Ea22A7NN8KWwriSyutFTNdp+bp24j5bt Y0kXEVR6qkmespTRMhKTrwbhJbwJTZtoljYCkF++z/RPdluEDWud3d4oezVbkJY= =+yJm -----END PGP SIGNATURE-----