This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-movabletype-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 08:20:40 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5bd970a9cba54b9f720d5247c0c502d71f89674c * md5sum c780b65b95f9575ebc9d12d370072844 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAgNPAAoJEIXCXpWhbrlN/X4H/Rap6KMHYcl354ekRNCOTbIj /cuvihWqYiO8L+ujenhtdRPq5sua8eoOHsZIF49cg+8Vh62NH1wLiRV7AvdyvHZH w9oqPJd+Be736rcZ6X9/8FH03TVssZVFG7ihXsXSYQIO37FIGjECNWIxnQo1v8Rh 9wAsUGeGlRDPOtXF+NFEktMXLJV0wT0rCzGaghbO+9jWlnY36jIejs1HvW5WGiyq Cjx8r1AC71QRXjIIbwa2tN/Cq5+PmUdVLkrLGh/DKzjQCu4/1OHpIThMV5b4l4M9 nVK5DLva32g2cnnHkYJu1ZB4dI3hv5JF5huQZv0rNf4WU/tDvawTod9BuyMgAVE= =4aAl -----END PGP SIGNATURE-----