This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mongodb-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 18:10:52 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 32709adea37769c8be984e6f6f92b21c6793a125 * md5sum 9ad3d301048a150fb16bb47caedbb9ef You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXDOfAAoJEIXCXpWhbrlNzQ8H/1OLQrLJVk8x3XdZqpRS5MqG SDsgEsyHzLw2IivNYl8/Fl7fiLa5f+mtLmeBMgaVb3AA5ShTzN2sDSjF5dy3cEnU YgdOcPfVMM4D1a3x4jr2tUl+gZkKjb9AB7ehMTeeblCAL3be7kvABn7qtz7lnR6A ECoV+O2cVwhg7Uph/3yUhb8Q0Q7/XcwoRKcF2/dtASVXf8lzGWioPHTVjP47LHJj xFve6QP+ZnPn/DmCdSz6OOOZdhroAAliiUZj8POW29jL3ENWksvpH57NsXxJGm6M RUxBO0V5uMTThGJ0nb5hh7/PHffdM4fZNHZ7g5N7f2QlFsTld/MqjkCazaIWpxI= =Vlc+ -----END PGP SIGNATURE-----