This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-otrs_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 17:38:37 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum b6123dfc3c43396ae5ec463a81a193be220ceda6 * md5sum 9dd681dfd20b86879b39acbc26cb334a You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXX2VAAoJEIXCXpWhbrlN7hoIAM5YxTGvg+YFCq4ZozYzvkM5 vL3P9GF4HR3cKZHwOB2ULqOKHeDYJTwtvYdq5pKHyz5n/4k6q+HA+xejURqCxOQ6 L6sH42NgEKDN0cPAteUwjBY0n7ejkA8zhZj5cB5Qk8ErkA4+nhmFAJBzW8949Z84 hnjaaDazdJWMk0dF7wR6lHKt2twyihjsHrMU7y7878vNHbHLIhm+Wi8G3C7J7exc 9upG6+bogElYMKDaUcpdIVryNikntVR0kgp+G0qpgQMy4s6u4iMa+1gNogWX1Fsw 6QhRZb+5XUDf/eswUpy75dgW9OmTUi8KzTCePPopIjCMH1sbAvxKV7pgmpeWvjk= =MEt4 -----END PGP SIGNATURE-----