This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mediawiki-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:11:20 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 11bc4c447867f2c957a48ecb2110037c17f94e05 * md5sum 6100d6fb18aef1d15780a6b329c63dcd You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/DsAAoJEIXCXpWhbrlNHcAH/14hoGIc5aIMAhTsQPQZaJiw 7iGChzOGybd2lL3/zDWY60a5sRy7YjY/e/8e+Xs9U2Gjy7lWWJ0I/ws9+zGUePbm QUmrhmm7QSd6vEHMHvys0U/n8z3nwSEchJqeFHCY3bT1YUtwSUau6X+W1V3m2nHO bE6EH9Y+4QjFF+8x77nNX60VJRf3QuRTc8pNM1qo9Hm4bRfCK0HVlMjLbs92v9lt etwUUavfwFrKYVBHSw9FkHgEED1u6rG/Egzn67eFlbS/hfPLObXDSMvtrHeo18R8 pzJApN+xCTT6RO6xyRRnhlFA5aLDVuovNWSATA4v7gT1JrN9qqiWJcg/0hhLkK8= =iTc6 -----END PGP SIGNATURE-----