This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-12.1-squeeze-i386-xen.tar.bz2.sig gpg: Signature made Wed Jun 5 00:17:33 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum f4854dec5e02bad6d949e26e8e5b70ae52800591 * md5sum 63ccab533edd227f948b89ffd2519562 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRroOSAAoJEIXCXpWhbrlNB/AH/0MCUMQexUcnJfIXUonRSBZ7 U11fCb9n3AUlXgLPFdlVZfm1V3IJzQ1bC6A7FlPA9iZRY9I/dfDRCgYP7rk7eRRM cRwlFd0J0LFelNV8HE593elh0Ayh42NHwKmpPs9Q3/zoC0qD4bj+R58yyADRud7N fyQTm/aoWOjCmlpGxX7euV15Q39xYRJdMNPMbAQaBBJShgb6/L0+62QViAgmIw/S tlagP5oq4zA/eC9STyMOj9PGM9gOmgwvNWg+TykfIAYVHK5k7641E2Z1DR7WhyXs Wcdzvhbq8piJlPx5LuuArciqOfIC0sUR4azZ3GWCywuceux99r1813y5ED/VNrk= =1RqV -----END PGP SIGNATURE-----