This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sahana-eden-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 09:35:22 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6d30cf0dd36303f1ee1b97a5c538a8815b96a05d * md5sum dc86d0b596c09fca94a725827e24ed7c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc3XQAAoJEIXCXpWhbrlNFtMIAKEVqbBgcs8WxJMalXzfLpAW hs1CbenLz64vQCE6+sm1JAAxIvXa7KUj2jxvFXp2xIFXNHLs2OOuDqGwMhetLgTD hdLWqQyUnY3D6XMbSFNUNrv0xY1NVYSLiB/hYe47xEwqUJkUlhqqJVHxBPsSHxk4 60RySwWFZGMXXi/LG+YQ7NHPtObhH+EMQQ9tjgClTBLsgE9DQ+2zqi96h1nkvdiL WgnGXrQeEi3fJh6JS+mnCUpDBinxMo59sXS2EgFc2HmqEbwJdLppTjg0CRASHZlc lx6cwfdTBP67hhmuFOAYyX59z9FgCY0Niv35hVWA66/HUw0aio90X6NQXBV+ZJQ= =zvI4 -----END PGP SIGNATURE-----