This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-django_13.0-1_amd64.tar.gz.sig gpg: Signature made Wed Oct 16 08:22:05 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9e8a5df06af2fa719dd00211d1404edbb2930c31 * md5sum bf3a0855e8c34793bc1fbf9d4b4ebaa7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXkynAAoJEIXCXpWhbrlNDJIIAMTo1j7lwwr/yFVvvX2VcP1U cICNzwKK+kTqZBn1CvYXu8o05C9phKmMv+pVqYC5JlC4bJbpJneXzosUM6tc6m5m pENqyEvj2hCWCp2/u9VYIR3N63gxMkxxzDb5IZ8tEu+JiMCIRQm+aOSE7bwJ6jCV nachUV3tKHCvu26ZugYhqgpyCpFj4UQHcnGPfqRMbVjJo/4hhMam1XCp9VrGfi/A MASi/yN5kEuwnbt1NHWnMb4HusLbt31rPDJnt+99dnuNIyTBvwVeTIwUWdRL6/Mi kOhhGbAHoSf5IdBAJBIBb9hw0jCCC93/YG2Mwh89m0t8PJZXvN8ovmX4RWenAkY= =c3eV -----END PGP SIGNATURE-----