This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-trac_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:40:54 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4593351abfe275d1fb5463c08a09a56d2956e695 * md5sum 7ac87a0348cec7e19b36d9a3772aeba2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhiRAAoJEIXCXpWhbrlNrC4IAJvZlrrmdSO2kTyR6q66vUUo VeuovMb+XGww1GUN1+VijIoejSwwr3RCwnxCinahlLnRdmpWQ4/6hIIZsCwJhZ2l nIVwxfe1WkcqrP9MJnfoMxshSnaTk23a1Sdetn45haskDEnUj7GG9nXJtTboieoo Wh2uraEwBJM1qg744bG46OWg/Kn3qOmJfIiDwDxWU1m2QtFKhodnhz4TC76PTw0g u8kCTh3pUV6LktmJh7XI3QY5HVJhfsGrsmUJoufFzjsi9aZfnsZeieF7VNjczSEH QLFFTp49kh9yWPH7oz+FNbE/t1th6lOwD8pnJ390poMYeU208Hgv1f1kPFOVKuo= =SDUW -----END PGP SIGNATURE-----