This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-statusnet_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 19:31:58 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6c6bf5b230c41084156cf47f7d5bdf8a5b272bab * md5sum 628e691147095bcc1a0d6767ac398887 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXZgnAAoJEIXCXpWhbrlNw7EIAJs70GwZDkhb6ME2e6Jo148F XI83zNZBZSJi3OjQGoGqHNPLwkfHC2N+TZG7zNTjG0S+WYuiV2+iiSGW+gYS0jay Oa4q8EmccCcZ5ZweWt3Vv6qNR/mwKAwxo+Xg59mUwaiNpZ5l3jiW1bx+ben51rxy P6J69EdHBgzxQ+q37wJplcIDcWM/NUeozskDP+bUzJx9z9wwbJtw7C1B/CTBQ1n9 x/L9SeGh+eqAz1gXwhuICfkHdtGekreazlVKiJs/MF4ZcuL4PZPtIlH5u7XZrY6G Y0Rsq2Y5eYVR1wyjoFeu6ZA6oJA1ihoB31bpD7I1Bf/pAbysxo8t7YIrEA+iKLc= =8DbH -----END PGP SIGNATURE-----