This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-openphoto_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 14:51:43 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e543727c673a03cf1c58ada626ebdf194caeffdd * md5sum d63e17fc38e72484bbed44e2ecd1795f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrf73AAoJEIXCXpWhbrlNt/QH/32gXhTRdV7vgQilp1VMvQPB pkyuu3d+fLHE2uWcWG6vVvxKBf2M/fdP5WUsjesWBSXULoDgVlArXPVe84ynxFO9 1tl1Yv3jhXyVw4eQV2doQSdf/ysYmVQOQAZRw589jFab7jfgZkIE27JQimRCNw/U mtxaAb26qG52oe95NkNzTOG0P7df2XLq2c8rmADUKumqtqz5DZM5bFGbpgrfTc0v jHZAqbM8RJR72U5svjyQYNBpETQXhXzwhhp4ffjT+pZXj6eBXxEsxuo9erqfKeay YzeyfXKooW+UqbxlTcilpGlPl9kftU1a9sEd7sZRUpddX+yJbESFZ73TWBFx3jg= =LwYU -----END PGP SIGNATURE-----