This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-statusnet_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:12:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum a42e5ed09c1f30ce8e977e93eab0b874cec0d888 * md5sum 8fa1ef3b97f0aa9d4c8e07f2581d6246 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhIFAAoJEIXCXpWhbrlNsNkIAJneOgHxerOBSwH56Fe27xsv pYuQxQKjcKkyTMFUslI8rlGXwJYp6uTGQz9nFrtMvHfCvZcfy5lc+QHZpd+VU8Q/ cSKKZE430gKGAzdkyFj1ehOHuwAKfSnxwlrLjCcDgh7bCTVj2en4iRcYE1EOJ85m YNUpN08RuURnYFRRl13L6oEX84e5XoqxMzRy4J6+F9pxVwkvwKHHs1rqY7PULXRz xQqu01vd95JHlT4ZvXhI9MG4Qy0aYqPp3m1dnQLR2ziOYWyw5HsxZgVvSRYjBCWG OMkuZia7PxRgQxtNWGLw0uJZzYdtLVE1Dn3IucUjfos44szGeHl9VejsTwCOeow= =H0IJ -----END PGP SIGNATURE-----