This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mediawiki-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:39:20 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum acacb889624d7cb4992d9c103da1af79721f4b28 * md5sum aa6cf240174e509a243a4ae024823b44 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWGeAAoJEIXCXpWhbrlNNTAIALrwS3xCdhmIRAks9djEY/Ev Ota/It0lP9F7hLo6XPFEdvOlMVrPLJjhl1KKfinAiq5kbfB13cpBDOT6AgJ9Hvrt DqJ7RBEnD0/s1UKU4cl7SsntbalwAz+NJYl4yTYh14CFWlOOBgwUnMOuU6sYxE0w tuE1M/q/LjrratXC2UkWO+pYry+NCYWO9dFCJPPbfam3FXwiOnM5cwWyWb/oPZgi VtX976Y2L0PZmh7O2iWFPFKpaHvE0CjV9h5gBvhzIOymIrPfgvrpu45Wbls84G0I r7bwpKDRuNgHxd3Pq9uARVgd7uk8CIIBhBYEVR5oyMdPHUiQJVURGme6baS5S1c= =Fp6d -----END PGP SIGNATURE-----