This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:13:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2bb287076e5cd1dfd3c8ad2be86bf2d27ceda6fc * md5sum 04f8e2abe8a8cdf9028ae4fcd7377007 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/F8AAoJEIXCXpWhbrlNb3wH/Av56EyAuD+63u2XuwRNPfYt eKX1LQI886ouRVnnn+dXgyYhoRKEFxP00XUKZLIZsa3dRYomI0w1nWec2FmN+xDu U5UXNQiCv8oITZMMw8Wd5MMMVn8b/+zx0ExZwPBMhC61XQPfaSKc1u9ERWpvL4tS MyFZO5ZlCaygw/PJWPhzsbtGoB25sH1oInXO+cfZ4AEfK5d5EAiz0+oZc51D+bpY M78a3oFQ2h3CTH7b4t4OtSxwnm0HH570oWcR4h1f1/E+Z4mdPmmRX5v8EDampA0Y sUwo9So7YSlqh0sTmYLgH65FLBAo6sRzDDb/K2bd5NFolhoATOaW7pFZLdn8UDI= =ljby -----END PGP SIGNATURE-----