This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-piwik_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 15:22:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9541dce6776ac5b8212b17f8afe9875721aadbe4 * md5sum 9d709d5274859e1c3db9b4f66bdb48e0 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgY2AAoJEIXCXpWhbrlNTV0H/0oO+VVPv+Za6vcgk1/zWX5I 2sLuDZ/61Oe4k79fuSeHaMNxTaB+J1upf4Qh5RTl8iyup7rQkICTsDVPGYNF+2rj n60DgXlg1MqmPGgNzfNrlLxnMF7DfNrwD4zcYCoFxuCck+Ul2/KnxTy9f7wsiw6X /V2Z7Bo3bjnFjCr5YVoeHT6K0jtdpgQRIvG6Wqyb91LMSQ5kgNFGuSxN8S4NNVSf T6WSrBKe/WaDefRaNCBhljy3VzOfdBgwMvJaXl5fu41ddGuyigF+fjT6Jpe1VbDI 1ea7Iylz1v87M+AEHcc0U4X7Umdt486ziimCDWOmfQfcqV891cmSTQfVGeF6azs= =kap1 -----END PGP SIGNATURE-----