This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-punbb-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:29:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum b7dea877161f78b36e8c0b6b45380ac56ab53338 * md5sum d8b13298ef5a1eae8559db1060ebfac4 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3R6AAoJEIXCXpWhbrlNoNEH/0GgflToU/dmxiqgcyo1H0Zh nk+jQ/Rq2pG6qKYx3zuo6XS7wfZTcsVHsNwwQeB9K2lrGHUO+ydObcYmt4Kjdofe pYI6YYxViNXnLczv3B0q+MdEKvJ5Pa/EhZ6pXZoPc79ea7mf7DJTrWHkuOShJTBi y/+HV5BDrvlbb0L5x1Bm2vYzXpxtCypqikDF75uZCL4XDqGqzX0eRie+2g2eIDl1 aYU3VRNwzbJS5L5Li9xcQQSMFd9qGaSw/h4uVFdrhFhXmGdePVSgehD4U4Fq6oo6 oqID2pZLyIbwEVocigP3svljTsQViYc2GbLaG6nlhimpSX4RuFwLwx7X9p2+mhA= =L6sT -----END PGP SIGNATURE-----