This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mediawiki-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 14:23:38 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6163223fd82c9a5b001d444634013042d4753dee * md5sum 147d8b3a105363f00f31344f092c8937 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfhjAAoJEIXCXpWhbrlNC7cIAJCWCHUZmhQPJH+BRhyXSC1l hatU8jz61ZQoJvZzq6WDsv5pDlA9ObB3Nuxcg3QMhKgbkxawvX1VOiOTOAjR1DD4 HLGyReCQrkIzcWX/CY8OCS52QlMQFeb1/BGN+vdFxVV14I55ILWdvI0WOgWoe+a6 fXuSTfu9pMnEn5S/IHEITdqNhOWLqBzM+V/G1m+Zs8QxufdbqF75UdyONkAENkOS q3rGr12E2eIMvirsrzREu3PROb1/7hf9FtwRbjwfXsqOh6/BU0I0mvew/cqqqP1P 6BmYWgmjQKDPOvL49ojr3m2K3pgPuFT6gdArL3Yf4k+z+FxUcXD+fET/p6Zmtbc= =u8+4 -----END PGP SIGNATURE-----