This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 19:13:26 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 7ad400883070ba2586704dba66dad07634329779 * md5sum ae4122352156ccd0ea67ac68a7738736 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXEJNAAoJEIXCXpWhbrlN3KgIALzFh5Fg6E1GjKU4p2U/Rh8t AHIlONDklIoWQ2WblGjWHZQ1/37AIInF5O12a5tVyIM/1ZJuSLJn/cNy7FWH7DSW NRUipbPjyu9CdPwTWtIG4NQ2/b7Ni37wZhxrVifawC6C4bJtzVq/tlhAwBcRyzec gJ+0lkhJ9cgkKGqp3u3cV7oHkVMQVACvhwMNL2r7Y8iHCJInIQ+8vUQ5DvcovVdK SU48mpxNBzYtvsnkmVRu730EDz9xDAVs+6z2/XSq1aYPf4u/YTCMMazN+5SeMJ92 0IjdYqh+uWl9MIU2HtQ4jP+4n1d8sjfi9LNV/kjvpSJawL7PaD2NE1zmManR/9s= =4uG1 -----END PGP SIGNATURE-----