This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 18:02:20 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 420baca5ab6a176d728c402b4ca1682f801f1fdb * md5sum 0554f42fb2ed7e286db35f14247011aa You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXDGhAAoJEIXCXpWhbrlN/k8IAMcKJvoYENNI9b6o3K2UTtQZ U7pa9A02KPQSnnwVBmvAfshJL0a8tOvY6FyXQk2cRAWhtPaQ9ig2eT7Wly784MJy ZL38cC0YpbDOtGjFW6b9RJdnDf9KXlvnTYVo922USgcXNuKaudAM3j/d0alBTcrP Y+OgBHB1qPJixm8fe8Khs4Uz/dHGx2flGS1LK3y6Rw2/8a4TwxlIKSHU3s1iEu3e WZuDJr6limpKBWVPg1Sh+GEMNRD0XQemv0OEDMqvrfio38THsj0S19vG0/xaHx38 zFq8h5cojHplPlssNOTNxHbpRzN5QI4UEe0RXUZZY6H07pAeOCurvKNoKxBoZJ0= =y7Wc -----END PGP SIGNATURE-----