This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-statusnet_13.0-1_amd64.tar.gz.sig gpg: Signature made Wed Oct 16 10:17:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6ab54e36800ab8656db3ae7744a19c4504044f38 * md5sum 0ca22b6f0ed6abc72faab49d9e5a5589 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXme+AAoJEIXCXpWhbrlN7dAIANzoyQOz0M2lVcjH0sVQXi0R 9aq60xMjwJ3KGFWiaiGeao4+9ToJbNwkHI4+Jg1c1xqR5SK+E0BeX/ND7Rhk4nPm E3FoIZvgqMr/HpKuXtF1MEqDFPCvN4IvnAH9aCR0o70UMY1npGay3vFwBtblGjqg kaJkQnLWOdhNanZxKxTd9PkRMufl36WDue3Chwa2jrFWofogWhat0hOQaktt0y0y 1Rp6DtqD3i397/+ChALXYN8Z8zMBHEHY9hoIsj143UXvuqnqkw+EZ0AAcClKz0t4 LO0ZFzGDapwoU+rlf0I6SPPh3pXehrdp3qmAPugj1z6yexlvmNIzB4ROpdiN65M= =bQao -----END PGP SIGNATURE-----