This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-dokuwiki-13.0-wheezy-amd64-xen.tar.bz2.sig gpg: Signature made Fri Nov 1 08:53:01 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 7408c6e2c1fb58d2dfc462ba0d3929e5a415bdb8 * md5sum 2fa7e50b50847e47a17d742892f99b36 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSc2vnAAoJEIXCXpWhbrlNjRMIALAUYWbJQC9cyiK8QgiRRrpk oOXd8QBqyLO7qo7Ba8laM9Xe1ILouYUwck5b4brVYhWDux0pCbypqGFYnobpRg7B e/hcLRLst5zn+knobi/RW5h063VoYuCRruuXdr245rSLF3BueFrOrLXlfsIjLMQl erDIqJSoagbuwRDhm3lX31SZLg/D4IGHEzOtTyze8GFiQm3r+mBztk/gCc8hXOcg TH4BELmha8QdoCbMWdWa1eNeN78GWFju7+KrblyrhvGB4UAovekbJB20ic37uc27 LKS4I98gXzu7ujZchybTz1PRyeicCNsa0voERFGov8Leqf9Goj8+5208GgMluQw= =x6Kr -----END PGP SIGNATURE-----