This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-osqa_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 14:59:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 34e28134cb34b17bd8c48d53b42613636e894d71 * md5sum 0577afad2738fdd4874c37b107b55375 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgDaAAoJEIXCXpWhbrlNAm4IAOnK/erxJttSvjtYqUUlrLPF TNO4oxW222WBo5SEx2Or126QuC40/8JslOQtplk/6ekMTab+smshj02PpXG57BnB uFy3aL8miB//9SFOojgaepvvkhat9trNoHjNjghn9ttY0uik4GiJmSpT/Tb8pzAx vm8frGJMn2D7QDA8pEKGMEyEUO7xbAlQQcNyOdQxGvdnCzbd1gI4dzDgLCI1LIzn jTlhRy5DaIDfqf+Mn04BEdIj+vgyZoJFDwC1SytLBl+gJU5htekk1kMySRZ7K0JT FQ6El8rSWOy6DGIAeESbjP87xc3FktGMjbz37wZVp97mf6U2A24FHWQCKrCPyzI= =BWZN -----END PGP SIGNATURE-----