This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-12.0rc-squeeze-x86.iso.sig gpg: Signature made Thu Mar 1 18:06:05 IST 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 4fd24d95c642029ab27df595c2fccda5438f5c9b * md5sum ab1694e34a57cef0b6aa90918f5aebba You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJPT55kAAoJEIXCXpWhbrlNXVQH/ia67QC/0c3xl2bGCz9aHaI1 i9TNxIaHF5qu0ch038Gqhyo8iI071c0Ms6kBtKYYuPjCwffAvDOxfQOtI8da54Rv 7pB+uELVV9JDJxAmuseP452uOBGFROhKDwBYiv7/AkycJDchmLDeHFTuYQriorIe dvo/UnA5YKacZ6dWvMYqZxJIJQGBAlrVfz1eCczHAmyOxBD76Cqwe2qvM/Sd72E5 XODqI/27D5I501j06+ymRRrTL33J54x7v8rmDcNhOaUAkH8FQuP5yLoD9D81YyRu qPpk/5+nGBYztje20px0/UMR/NO6xo9wPQveKo5xxiazRG2Ve32Ms1/aZGxtats= =elJ6 -----END PGP SIGNATURE-----