This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-observium_13.0-1_amd64.tar.gz.sig gpg: Signature made Thu Oct 17 18:09:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ad9c2a7d341d1b4973224b776d4208fd4da0fee5 * md5sum 99719437a4e3e1c282cab4c10ccffeb2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSYCfgAAoJEIXCXpWhbrlNo4YH/jKLW1uWnEZ+b5jgu4DVps2A qHorLycrRIAWuqYJht+7jDGZl7kkDfJZSIIMV4JTdFqVcZQIZiOAAafJq6lRj2vN JBExEIrBGgirJbm38tDCDtHaSfsoFZJbgV/Xm0LcKw9mlT68ALv9epaL+c3p1J9E 5GU4luxTifH3PSA6tiNZvZVv/TRyX1Jbb8Jin4ODj0c7plKkStrfII+Awj4sHpW7 s5Z09WsWzowRGq+yZGIz4EYpoTqqVwD3qx9aEPOIrllQu0Dni0OEzNv9ILXspdKS 4SHypZFfcdMpFTUucU+ho6jQZ5kxWioolSV6mmdcGrkUxLsd4jmb8YTb84CWzCM= =Vwav -----END PGP SIGNATURE-----