This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-nodejs-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:22:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 46b7b5510524afe0353df741eeca2e96ce0d7fbb * md5sum cc3c0247b995ea91e020aa70e212861b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/OAAAoJEIXCXpWhbrlNNsQIAKmkTsT61kvKdPw+Viw7ndL2 q/dV3dUM/9pK9BFyaxrTUsNoZxpTGZ/1u3x1vM3Mnf+hqkdv98Ul04sSrt6y/XpT TBqNOuHYeFjIHj2NdCTjMgula13AYlab3XwUU2Z/Vc3m+Rye43Hic05taPu44kN7 z9sXz8/7pDBLqlqdz7ADCvllK5HD5svBMDaAlNMWL+st5h5uWItwK6j41E20sfub ebw9AiVmm3i0N20WXPlQeAIg2rl3ehoDZhnOBDC68NMxqPKBgE9ZSLt6r3+KyDRZ C73gRK1YPHGAn08ovRrUTk7k7VanOIyLcnlvXKRo7opPkPfa/kN5u84GLcX4Zr0= =pvZW -----END PGP SIGNATURE-----