This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-projectpier_13.0-1_amd64.tar.gz.sig gpg: Signature made Wed Oct 16 09:59:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4d30dec797878dc66b14244734b5aaef20979562 * md5sum bfed213976bbdf8ce2fc8b79dd028604 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmN7AAoJEIXCXpWhbrlNargIALpJWQLc/XGZ8SM3+t+Q9VzZ tnHMHe+2/eWzvcB5gez7TItujxdm0fz4XqkU+ugzgye71kwwzwovZXQynv/QhjVP 2swZs3cn14a+IjVyqlJaVeu6KsjIY2xdgqhWZL0H6FK2O2vgA6ZaU/5mr69belWG V1VoQrBWa1BHee9S+UCM/DqMdqJ0o5wqN1TCAYpbzB81sr8nnirP0QmhnYi0bPKr YuOgEX8nuDA3yhql2PHmgD5eekQd4BLfPKeCq3V/AK8zwaVk6VfvndIzWW1OaRKQ LkYoeElKReEeqlB6mDD6QZDVUsAJi/PmZoVs4yJvXicDZg/YkryTg9YpOwKKLx0= =vKcr -----END PGP SIGNATURE-----