This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-appflower-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 12:10:51 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3b42a12bce1d6094562f8b38f0218144e75eac55 * md5sum c5275af078715ebded4115d5789459f8 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgQZDAAoJEIXCXpWhbrlNMM4H/RzUsP4zRwkF50QmgZYvRp4t 79CqX0e9qtBID837oXyn5wLJhHeO8x+j6KH6Hi50oIndkvvN/L5lpGZfVGVAjvru PX1F9ENLAQZ3YAX4y0qrDyfiyrHDIpVzAW/0iy54H/y3LYP/5QJ3j5MNf2EQa9Pm vm6tiTRmQ8torQmNh8P57Kew0LfLrJA98Pl/p5L6SvJzKKNpI+eVJSkNxKv/mzAt 4oHk2gpIfP2avD9Xkbylmuc1yu8NgQZa6QIh4FAFh+EtrqdNwEhW3uzdKJca1RG6 ONLbOJpxwqMXyBC4IBK5eCPWt5C2Bc2W0BiqQuTRHjuwX7CDzxwNr5ALgz4ROLA= =Qltj -----END PGP SIGNATURE-----