This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-phpnuke_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 15:14:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9d0d3b943d9dc57db3df64b44faff654c26625e2 * md5sum 90a361783ac641c20c4a5feee4feb30e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgRgAAoJEIXCXpWhbrlNkv0H/0yQKSlmsJO+2EOoyAHAGEim HZyevbmh3LDSiBvKwUeOT9touXBbyMS/sNnoH0VfBs7B/ibRYHK69NL+CaJ4ay8W b9ouiAfqCZ2u4PKfig3cMutta54xjjMyq+EmQ+yBr/Ns6H0BOn+I5lsRDekJlP+Z UQmFVEw+WsQO0WocfN1swgMmZwlLZLoaAbefeyPxk6Oa+VeSIkjumZUhpE1vTD4/ rngOWoz9rmwW5ayUcbFGD9IeFzle0De54R/3Rh0iPbujiyG/Yr0/vEEdlufGF0QN hFyeDR2GYHGR3gutW8wRdNHdGRLLZoOfqvHnAjqRiMOqtH2FhO4SgBsNyzoGdFs= =7MXI -----END PGP SIGNATURE-----