This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-statusnet-12.0-squeeze-x86-xen.tar.bz2.sig gpg: Signature made Tue Aug 21 17:10:20 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 8f49f6f8db8ab1dfff383a13153541ebd881e1de * md5sum de64640dc2e494a5ea94a819d9d2716e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM8DyAAoJEIXCXpWhbrlNJFMIALWIdzCFphxa+IV4Wae5RVbI wN/XXgeWXAQ8SSVYriSFCeR6U9okUKOdAH9NQS3v3XkoA23m4X8CF31h+4LrGiNl dgn4se8qcp44kaxS+HnLkhOOrmGQap6EyeAA5vhwuF9tERh7f8gOfB2deVTOoUlM pFvTDpN8q4zUb2zushEsSyGDa6iNYeUUPOenyHbbpM6BuOY0gENpqFix1hv0Q4kF PdsVA2EhdSFV1HXhXRMn/EJCUlXYHdF6RmerLubSho/uK1YoWIkUqJThqf/nACYk 8pbtrwmgfVNyPUDZJ+JihoXPF9lOLaf+2R4sgv/5RcVIm8prgrw6dsEnEADp1Jc= =n4eD -----END PGP SIGNATURE-----