This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-e107_12.1-1_i386.tar.gz.sig gpg: Signature made Tue Jun 4 20:46:50 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum a16452bfee32f6e68a1cb8b8eab9c0a5f18b82b6 * md5sum b366f38c59948bcff0d01f9ee4638edc You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrlIwAAoJEIXCXpWhbrlNnxwIANX3wBHISdrbzFB6dQtnxGHI Q6aJStTMuSyR3f5SmKx1Qopi4sHC3FOtK8P+9yUAg9GbaCzMtZwD9CSMfEKvKM1p 8EgDSSOTpJgTG+csFhuK8SK5IE7vRWtSdLwzuUue6BBeBxEXkqJSPtmcRPIf9p4E 1DLZI3WU8bj5BYjJcrvBbOE/I2K7De0d6WuLQe8eFRkeVOJctLCf2inTo08HMPnP Oihi3ibRK/3tmnh1pJLaJwcEoQdKIrNNCZLZOw/bTAKelFeam28rMcwCXMFS4wCC 1Bs2xGmidjiQasrZQKwN81YTx9x5GsK+ZAM5Q9gBCVuzPwsHIkvhO8BN1kuuuJ4= =KfVP -----END PGP SIGNATURE-----