This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-vtiger_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:55:19 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 255a5e37fa95966fd63a7f14f3590a21b1b751ef * md5sum f6ad134d202d98ddde73f840306fdcd9 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhvxAAoJEIXCXpWhbrlNCZAH/iwOkoXKsBhv4S6C0Y7FMkyP Wj7XDvw04dRKGhLR2apgkGF10asn931ySUqHVM7MpKtgXd5vw9MtbUls/W5mBjs6 CXVDCmaX8no6Snt6yUFoIPsJL3jS2sqOXZXw1PL1IGEfQUVBpZDDF29M9YiR+yDo qCN97Y1iS1ATo1gCKcCOFKYf8wXo+pL9Sav/97ZuhK9Qp0mJBl/m2otHHzIQeycR zB2ktNiwQ9OYM5o8VWMfyONHIpdlYvFXKLI6yyWGwGCrZJNJcgfPMX+/MWHWmzbC pwKGDcshXnXX0Kz+6GEoVTGNEkQ1rOUReHxtRvnsiMeZZY7LngNaPrjHvEXFASU= =iz0G -----END PGP SIGNATURE-----