This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-icescrum_12.1-1_i386.tar.gz.sig gpg: Signature made Tue Jun 4 21:25:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 23c576d02d98b40c3c553422c79b36c071648669 * md5sum 915b32a742da202df1d1373b73f645d7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrlsoAAoJEIXCXpWhbrlN/GwH/0i7WwVrpTt+kKZrdmGY7gN+ pmgMzHuOGMlB0aY+Pldcft6nsw+9ndXj+44dqyRarixPcJDKrFeJlgE//Yo5aN6E CvkCxI7/Jl4BSDels/nZ67Rc0ZG6oeo4mlcpWTK9Owhuedr2A+UTfYDawlFs6wY7 QczblICcppI2+t4L3wmnpovZOQ2eGRot68UH9CrhIxqRby6Udqfa42sJEzylRed6 hX67mPyWyxezxuT0q3H7Q0lT5YO8NTiiOTGkjXsJnNX7mzUnNUdxcBX1UCc26p79 fvSfGFWcaCUuWUx5NST4zhSJFwb8VDOIVeipFaso3ehJIj7ibavpoiRTrxyUvYs= =cO7J -----END PGP SIGNATURE-----