This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-xoops-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 17:30:58 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 017e522752c0f0cbed673ade8fe57d66fd38096d * md5sum 45e7f1b1000932be0fc3d0b096f1e483 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRriRLAAoJEIXCXpWhbrlNFqoH/0p1R9F1oH4Qv27ZwSZLDt7f hTCyQ0M9PUHP2RRrsaas4bUfSbWTJSWzccYUJd8yY08rfkqFcNjs8Vq9DGTbHs+S jk2SHFFze18p9+UfTQFG+4RS54G0MBLeORZkNaMMbcqDsiv8bjZa8VGSKDmt4xGD h291KYyEENHYKts1+3RRuSxEVJUdfdV4TqbkIJbgjw7uu6dNwIcmduCLYUmca3Za SuHufqULiG/BQ2uE6ENeWD5UYUiOYPytl2lcQWWR6vE0GhTl+jMUJx/uKquKJrqx Feq9nlgoRfkD1M5+91WCAisVbVfnPkda0MBub6dXl9gCftfjbtX1jtxCqBwCmJM= =IBlP -----END PGP SIGNATURE-----