This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-torrentserver-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 16:58:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 35f415b83f9fa66b3eead37fc4c6b4b2b428af05 * md5sum d046b13fde9bc56b56197a1cba4cecd5 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhy7AAoJEIXCXpWhbrlN1WQIAJFxHEQXbX7OP7LdUhXbZxxK +CAAOLY7NsH0PLlZqNYd8Y2tNWCXRj0Ku1x8DF5QlZTFM/gIaEy4a5lOsEcfHouv HBpv2NWR7KpGLfnwHiqlB2ukBLNHrJGQAiYkhFpyHy2YKVGS2DCMMDrFZcrzLuj9 MZp107qCgGmpT/aCofy/1H07blqzcniurEkyL3tZ+J0a0w0y6i3hbKcIaWIFJk21 VEURU17h8CKxbFqh6w5koLIga+M4nSLOMHCdzYANtJH8TEx0jct1iBmtti7xcMDm ZXj96wLwGwrRTIpdjcYIoWx6PRAA3/CqdRH9TN8mJPKvCMXP15dAbNRJH7Jz0dk= =5ioV -----END PGP SIGNATURE-----