This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-rails-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:31:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 92801246a98d01dd51d0b64a19bf99e83c91df56 * md5sum 915e1b1b1c8ee69eb959b391836d9639 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3TWAAoJEIXCXpWhbrlNaqQH/2LYyBYecFSiyfMEue5it6YU PXT4znPU7l36A18mEFK8J2YRQ8uODmPq8tZpCDIJ9WrbRgyiyAyBJAn71CA8fHt4 8NOM5Dqsz+SRgs7V9ugPA8NA7sw8pk8991pfv7TPgNNoH5hCTFgk3HP6ab9+RdGJ bXZlPUG8JcGVrEQlXzmvxX9LmSlNmHwEyX4B8xYQnink+YebswdDmOpoDo4f8RVr KUONsXpoP+vNqITpQeatSikSdslgAt4nUuXVHYNewmdgOQrCoqd4khqzR7+GJnt/ gxkiVuGJ8HV92uK3Wte7drpxX0/h1/vSf8MuNq2W7Ipqmuv773FgzZzYRYSz/nc= =8rTn -----END PGP SIGNATURE-----