This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mantis-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 17:22:03 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 7b0ac630d1f7c983a45f0780433391ca6d5084c0 * md5sum 8e0e6288779073dec4824a9c200a97a7 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL88xAAoJEIXCXpWhbrlNa+sH/2Bvirt94JKr24ql9BFWJBVx /IMztZQ3mMFhv/Mo0kBynq6zc9mre5XqJ4xCMcO7eDps2i25XiWlwoWzdaYNKdTy 6EhNHiuTgp66E/NW9eBgPxY9PG+M5ruO0T0b534iFuoyeDOwN/fOnB1SnwChpyhF IIA1qEMbxAIrcT+cVIHplhH3zkc7c/Xs4Mj4THjxS4TGRzbYtu3cf9dIwVhdT8s9 0aK473f3M6v/A7lx5cs5ht0jJ25gNZL5k52klMg9/SEwmIlkkbw/fM77kbMIfpnj aVIYbavU4lUbn4JyS4BLhb5ecnsVVLkgBbt2f2NknW/7Tdj8r6rhQRbkmIhKvVo= =/5hF -----END PGP SIGNATURE-----