This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-xoops-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 17:11:52 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum d3ff596ebb606f5684555791cf6887c46a880761 * md5sum 855660598f34a2fa49997c3f7f82d9af You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXdPAAoJEIXCXpWhbrlNXQkIAM4e97LcaMzhI3WjowQjU4s0 3K58TRiXAMakK9jmxYaXm43dzICsPP3dMGg4xTKeX44YgfDuNwxF3AGynOW4bgn2 gMLpoAZ8uRM3kQvRSkVD0OR/PyMbt5F7G9+j7dhuglAabbgkJmK8MWeaMOhbg0zj 6ZAbee155oiKxtr624Y8NQM/cd3lELCwGFhrypLY9sVx29Tc34Mr3ycz9YhM6fFG 06QIW7/8iwHsDQrfxr5gafaaDlodEFNT/1sLEfjKiggqGjq3GC3nxn2znW3mOqpM 0uwMSKDauKyllZE/oZjE302g5yiIXqlO5Z+6n6JIfXHX5ed17Uu3hLBO9Bsc1EU= =uVQR -----END PGP SIGNATURE-----