This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-ezpublish-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 13:52:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3f913867bfc55cbddafc37ca2c26f00c16896e73 * md5sum 2e25b5c637b8592c5180f788f8360305 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfEbAAoJEIXCXpWhbrlNz6gH/2kSEfZg92nsAnJRhtiM6a1T a1APHF3wSzlrkS1Wy7gBn4ygbGwHELzAznLPncNbxl6d3Vm/a9U1KEjAxkFtr2XH ktk1xEJ8ZszPicTgB6kQlWhlPpEHRYwdtrWms48t9wcRpmKkAyHQwGkkdS/JfSRh MG3dsOEMcTspK6+cPZN8kgi4Ba1evCGOUNSv+ui79Ra1l8ftj4I4kdBhIzuCrgIY wPjXfyrOOWpUP4hu6I7NOm99Fq6/UkVUGL2OCIyglvh5PLLwjjGcZ6XyIP4s57Jl 1ru2mXn3qI/TxlbPibjWqlGzcjUdaAsT+txxfYjhjz2Xvmg1pJVHB5E+mRgweBM= =gMW6 -----END PGP SIGNATURE-----