This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 14:57:43 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ebffeddef3ef77bd610ab804fafec7687b66f39f * md5sum 7d8bb88fc7e15da22d03acee0f999b8e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXVfhAAoJEIXCXpWhbrlNMuQIAMqWL7K4GOPfSicTOxMnYKzq PKUH0mkB2rneyXFT7WzGOez1XY70hafi9Vl2G1arIWwZiI01qfT7+yYMHmsLkCTh VMutQOiV1cz8XrX4TrHFXtJXM6K1BnhWPMV8NLH9jDUiHQMGTBTM54Uy+ULcnoxf +PockKixnhcV9+ka44amimU6Z7Wq0p/cx5FTkJfgC5e/jEVVgkZyglQ9QRBgREHp 1Znx/y9TfGSNBbpQV2fd0+fO7WJX09EpTt7sa5mtP50ClOLC/kCEClDirRBD1ntL 1xzrUv5ijVnWsHfD1GlHmSpM2bXsslQkz/VhQdnzxx1Dd1jD2yw0U09rNj0tckE= =LxKe -----END PGP SIGNATURE-----