This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-tkldev_13.0-1_amd64.tar.gz.sig gpg: Signature made Wed Oct 16 10:20:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e47482c06047cdb06cbad8a8aa268e0e9faf2476 * md5sum d29a75326e4533b0227dcf6fd67b4add You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmhVAAoJEIXCXpWhbrlNWKcH/0oSuPcbejB6UuCuT+2SVWkS PzgNtZQ5S5OYO1jdPIQSk92OpAm14AIAe3O8XvDJNpRQy7/qX8ZS1Tw4cZXtFEjV I3zWaJwGzhRVtcC/3NDzoa2fBM4zNU1qoV0yuS7q6z5HrnbbPre2KlXEn2ERtw/t fGD/c1Jhtmhg04M4t6MHmaENeR38tEx4LKEi6yY6oowowDyCg2o+Uv7b/vZZGX8B AI40LkA3GAM766quxgboJhgecS8N5yEJYdL660F6dOBdrose6oE25A27yBJRAZ1I rgY0e4/jVMG3vHvxrBsAz8wXAz9m3XIWracg/8JveMZzYxeU6JyzaeeskFGo5Z8= =IEvy -----END PGP SIGNATURE-----