This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-movabletype-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:51:23 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 84e3782e3b521502c8e57e01554bfed1b130f873 * md5sum a0c3bfd056e39c215b08780b1928741f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWRxAAoJEIXCXpWhbrlNTeUH/RFHBhGeoXAzqmw6zCM7am6Q oZT14VvlLkwQMzNZn/LKBsuLlS7o9RFXG3pchiUIHPJVLj3jzuId8B8kxmn1SnSE 2XZP0jCPvadPxlvJ7SmOCoVNuLTp+9+uj7NvmU/VsQzdgPftPmit+lAEOri5XW7s IAnJDeS97GngUHjP5jN9bgwj3qkRuzfmvuYImomcwOfdeZ2kqoUQfZ46EcE4OPqG AAOjj5FE9zmu0ZTxkpsDfW189HlqcXHEVd7i5b/XDtYM1UvGfho+q/ePn/cEpaTy L8IRdrZ9sh87hUohg/yFo8Qy0O+EEMJU6uWZmk9m5sMW1javL7j5Xw2vqWZ0fT8= =mDhR -----END PGP SIGNATURE-----