This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-symfony_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 16:26:10 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8fac279133193bc9c19bfbdcf8aec21bb7ba5848 * md5sum dccde11c3217db24a729573cba6f32bf You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhUaAAoJEIXCXpWhbrlNf94H/1EigTHmrDT25eLY8IRCkdet 9l8iBZlCLZLUvyuFG9XFHS/i0EJGprfQUI4JJ4RpG6CYl6Af/sp8aziaUByNVFNq b5U8F/MydrMXezy3e64eOON/mEQBeU34rHSHXItYeKPuC05TY0GWfcWgSretr43h 0UBjQBMu8PsZO1bdeNjilNYnnTOXtMclyjyrzGSpurxe3z1pibLurRwFHqZ9wo6F rpiJgKc6krKJ1Va5vn7KZdkikPAgycp/KW49qer66IbHeJ0MW0YoiVX0MQSX01gl mELS04/Yf3/9zeK91E7Z39EwE5Ky+DiodvU9RNK1SWOkQo7z3wxCkmgXAAKnshQ= =/GKK -----END PGP SIGNATURE-----