This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-sencha_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:08:28 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3904e8a494011192fd92f07960cf439a8fa5fac5 * md5sum 8d45e2115783746e5cfddc63680f8371 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhDtAAoJEIXCXpWhbrlNOkoIANYJ42LedYWi+H2Wqmw1v9iu NAXmeMDuCdcUdPPg8jrjILbPKms231iF1oWIJuRy1NisDTtSSfp6qjCiLdyRGL2d K5DZNcmlRNVksuJJ/Eurfi4ocXrsvY9VjPDuGN9fK1C0Y9tMODT26fY5oGzdlQ+/ kUFXrSiTgetxbZOTc7LQGFmdvSi7qHp0Cnx2HlHCDvULI8xlm7aQxMic4m3fnh7U s3dPhpS8+6XmDC2oRW+nXlXZSX5Yx92+1BxnsStCic01D7TC+f4bTP9W8Se69Pr4 Vp6AWt7amjoIDf6zUGGSq35DPQy4xg+xtjdc9Xvo+lGyY+pjDrhwQl7sXOoqfk8= =m8u2 -----END PGP SIGNATURE-----