This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mantis-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 12:58:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 31ccb2d66a09f7b694229b7b6b2f99b00d8cb2b3 * md5sum 33e68246ac22a47b4aaece8b20b5815d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgRFdAAoJEIXCXpWhbrlNBxYH/im/G9zwR5xEMxwf3Ca4GjV/ 6F18HpPxhSTNqI6ZJIZ7s0L1L8tQjapRV43ycWgWtofP6A2OrTKlxwvFo7CrkV0V /s58sQuA4E9hEXTNX6920XSEnEWi4cSHCucUwMaaOFvYF3poFdwEuocPafSfbxBS Cz4hiYXy/QrqIn+mRc67MR+AfChH3QOurGGK+UT1xaqS9dcCCFqM81s3/f3q9Q/d EEWB5Pl6MOJEnHuJ7qfK8mZmk4+/H+DOJF+TH6JMoxqmki1DniyGoA4lXq0tWs+B xzj1IKngcvcyZvVf9hu6XDZhPniPd/2yJLW+oSL7aFtFI0H9jPlhHCw1X8Ww2WU= =2W/x -----END PGP SIGNATURE-----