This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-mongodb_12.1-1_amd64.tar.gz.sig gpg: Signature made Tue Jun 4 14:32:32 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 304e038dc6c61d09b5b3dd1a5dac01307a75cc55 * md5sum 6d21334b9f17e7b8f644725d52af446b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfp7AAoJEIXCXpWhbrlN+2AIAItGfGCVXSItFgg0t/nyAhVL Y7cxrpWhrnXPnT++R+bRHYzqsfbF6DCpMELG605pOgXHZ8CXVFDP6ICNU0l9P/pn A9NkUK+JNdIQ+h3kMDjAd+SGtm+FypNzHyGbHkw3VrQNureq6zCiU2MfMywU2X7g GVu/Fm1g08A1YF3jDTl4uTeYsI298PtKPeoYpycEUrlb4xiKoj4Yfvw0kZ9yMQKy s/DlAQZ7Etg94KgZLIg0oxSf7orlh++kpzeynibc81AAPhTtn6R5EvxFnOCJ6/Gt a9/1Uib6Od9mK12AC9QZB7o6W9bRQzRw06qpbF5swIpzxbWxuZxIl6JFtUulFmI= =VwsB -----END PGP SIGNATURE-----