This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mahara-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 08:19:33 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 48c6cf0e2eacfb5379093eb647adc157e8b4a1f7 * md5sum 44740548cd604e5a922457b59f9d8960 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMsqOAAoJEIXCXpWhbrlNHaAH/0tPoZ1Fr0xv58n7XOjJf59X NJCUz9K+h7wAEN07FwhTJe2PNv1sMQ7mZO7Lpd6HgmzZP7GREdNFisWpEvT07RJT kej2lHCUd80A2NOPE6FcUulkd5h8pJVPu9c9zaphxarG7LW+L6T3to7ZANONp348 r54fOkyV1r3nWtry6tiuN3/Y1B0FqZOGWT6+pEhC+gABiqwS00CAv9IlGc50Iv5O RakMk193HbiAyR6+TiQNLVN8O+s5RKC+txASXWlHitCh2mERttZ6VCpyF2zyPKOu 2pVC6i24HRVU5fD8iK22szWiUjmmc1WRpSyyPupoYJ/9AE0/RbR0/2SiVBV+Ri4= =KnGx -----END PGP SIGNATURE-----