This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-6-turnkey-couchdb_12.0-1_i386.tar.gz.sig gpg: Signature made Tue Aug 21 13:33:53 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 961a8e6c5a2a5c19d32563810a733516cac4fc20 * md5sum 4ba874ca81fd6f9f12e088bfdbfb2884 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM445AAoJEIXCXpWhbrlNrCoIAOR9DtQ10Q459N7Buc7nJ64i qYyA2vKQDGD2daqO0RWa3HW3YrJIvnuEsNfkYwJnCKa+tBi17PNhmzF/p1Kg1dgp FSqoLODEvs/4LhvyQy0EUcczdMqVTHY/bvnzJvUAHvXbZS8M6OQXixKQgFxzIzPZ ziduhyeGqtWTDaOdJ9vdEhzathOiYsK1y9MlRYBihhp/rt5GytEflpHiwPHW/Fnq /3kGklffTX9yQDD5i/Hss5IoNfG0O9gDy2bAQhyIzkFw9LddMwE0TOBD3EjWVFtI lAIU3vdx9dsu/UmWaPHiyw1excrV2yAkN8SVPK43H+ShtoQF+d75BvmkSZatDII= =rr0s -----END PGP SIGNATURE-----