This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mambo-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:34:01 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 18363cef0984bf9da7fff3ef47eacea7e4fc5380 * md5sum 459b52657ebe493686b440cb72683c5f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWBgAAoJEIXCXpWhbrlNv+EH/jaw485zoKJFFn4gYZMLBmn2 FnRaYLsyx2pBrpRPKRytkzTlyzD+6z6Xv8DeUB2CJDomOkz6d3/r9DH12wibO3hU 6f+XUVbsztlNsl1yafP9+7Hv+8WmMQHLnPAMHrcoa3qIRBhAebVUh64LG/p2h5sE O9ibM7J1No11y98mWZiK7ipm7GH+Sffy7gHArVAPliOsPEVQJCJfkjFMpoWzWJxU ZXEjG6tjzV1nrAv1x3VmdHI2Oai0szDQP+k0Cv+5Pxh4DfR6MQELXOuCCqgNbW4/ 4Q54OQkGq4YEsWtZ3qH60O4k8NYEy1z1MSw8S2o8UXpBEsK4NsEJ4y0vf9r3Mvc= =v/6U -----END PGP SIGNATURE-----