This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-joomla15-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 13:53:31 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 32664a8a9033cbdb804a966c4fc00c4745ca933f * md5sum 2b87aa9941381257f33cdabc28ecaeed You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfFTAAoJEIXCXpWhbrlNHSYH/1INjTeH89DoOBtHfEJ9ix7t HSzuEEdW81XKKcKQQamk3hACPmnftOOM0Sxk40c5JcLrbz2CFhGFRE2SerVHJwHY ckBmN3wr3BQ6UG+VWQ0rK3EBf5PxDWUCbvBTLccXryE0GGePWce6tHfneOH7eYhW lnX+j2I+FaYD+l8BuBLkLV9q3PiF3AQ7Vpz5ud3JUnIw1D4ckz/T1m24oi2DU3Bu gTrTLr+ne25XkjV2ASRxOgHP0JFcjmb9FMzdFJeCMiUp+58TISxrY/KGfvdylKjg ZFg/uVkfSBkpxllIxvf1ua/94Thb9cvKa0AMgwZilLlsWAU6ac+LAZZ1WOVWmhs= =WZFk -----END PGP SIGNATURE-----