This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-openphoto_12.1-1_i386.tar.gz.sig gpg: Signature made Tue Jun 4 22:43:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1365293cd7bb6ab96489177f2f9ca593cf16a1a1 * md5sum c4e72deb2eb9f896ea5b322a3b381595 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrm2WAAoJEIXCXpWhbrlNNNYIANplglYkNABMUJjOEcr8oGCK 9K7zfCaSgdyWk7I9/8+ZUXwXIgBoSH/dkSkHZri9F+FDBM2h+z7ZYylA2dMkybI5 yJL+CSYbpWPj40SFZQ2rOk84iCJS0hVPUQCKw/Fp5wqYn0OzxYcmAup/dQGKdHsz gxQqHVk0zaLwi6iZGWRQ1gpclFnkTY9vazxjn4gC2QecViKvZl2ynYZx1Wc7j8+y 6HNb9oqzVr8VcmWHUiM3GRmReSzj0S7CWGK9jSXO6Qt0QWicIExKIpn3n8X01Tdr Bww6a92i7hkTu7C/lJWQ/EIDn6zIaDUc93cmq2Xqdg5oen2oGNcrWgUaDCBKuBI= =EhKZ -----END PGP SIGNATURE-----