This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-silverstripe_13.0-1_i386.tar.gz.sig gpg: Signature made Tue Oct 15 18:45:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ee2449a2c977f9d35af9406ec3950d861b8beae9 * md5sum ba5a94882f48e941b27988f6596ef162 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXY0pAAoJEIXCXpWhbrlNnRIH/2WNOYXeWDl9yhMjNf8ocDIk sUE5LodFAi4RsA8F/Yuy9W60Cu7qvJEF47TeZFW4TTgZn/GRUDyU6kU3SZdob6aa 5t4sWnmOK720aNK45DTl64sydq+HbqT1zSNGwQokBJfbXcoQZS/ToubhvlV4vWb9 lBg/ycHRVRyGf2V4sgal+3SjWLqVKgppxrr58cWuqC/4pbWDewzUT8PJVQjLrLjL BjikK8vlXf6SXIZzhzkylXtXEFYtdSP1QCNE1+4yEOMJkyE05PqZMZapyZkBHBrb Cbafb6H1pJpLOnQfsoQC8dy5uDSFg2t0t8gQeQ4NvblzbRDhnXwSu57GNH9tNh8= =ptYc -----END PGP SIGNATURE-----