This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-fileserver-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:15:33 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9185caaf04ee0ce93f847bbe7ad04a4d377d2187 * md5sum dbb899e0aebefa8e8487ebba30bc0830 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXVwMAAoJEIXCXpWhbrlNwxcIALI/7LAGl4/SAogVGCL32aUE CtppIiYTMvbFAHuE06UHVWauTd1zGL3PIoiwSfx/XhlV7uNRzsS+dMsd2XO0Do/E nPAJ/Q6t8Ey+r3mIaxrBVqYWfawkhu74cL/JaqoFiSZCseCSQeFoouKE2jcDFCHJ K808un39l8lvgRvzN/VWJubXG3xgvuCx9WC/qUfNBwiNTpgnZF3PnAtYZwMl/ug+ kTaJ6+0fmudPQFJWAMopZnTasrpn1WXgBzAzaB2z4QbLmx3uI3lFspyDF7EsKSqq bqYEEWYDgqq7rJpDKrE+EIsm+vK+hVXlwK3B+ASzeORNCe9Myz9FKdTm73bzIlo= =JCpq -----END PGP SIGNATURE-----