This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-limesurvey-12.1-squeeze-amd64-xen.tar.bz2.sig gpg: Signature made Tue Jun 4 14:22:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4fcbd019583add5c2bc14ab1f0875ad9c2574d47 * md5sum 82240dbcf66cd45fae0a0a6e35a6ad6d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfgRAAoJEIXCXpWhbrlNfwoIAJL4wjJVIudkNUw7vHDJkGdK B8Kl7RNIzhKfq9owxn7Oc3KOSmaQKyp2BfMTLHe7a0Z3EwXPPp5Dx/XvJ51X1sfz iiJ9eZ7FD6ERz4r5N9AjZwbliyAsz1k4t/pFVjM9LaW+nYIggrD9F7ml8Ur/Mzwr +MDb+JtdpQXTkWUgRzfDkPWH0eQh3rJczOIp8j8n6cXZQ+mMX0aaxnZWv4besV0q ezM1yVCjT4s6ldW9rfjfikrRVanUAAx+wTbM4fZ8/qFDenP3Ox2FqGyHbEoZdMqJ Q7JFivfqSaUsPGeW5ZzerHBdwn/SKHWDHDfeYRT1ZATvT+BJcfP9yTObW+l5X0o= =eefR -----END PGP SIGNATURE-----