This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-nodejs-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:51:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum eeac397f55575fd7d31bd1880316a37ae0d0b0fc * md5sum e892f7f734dfa7f6588ec24279901ce1 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWSIAAoJEIXCXpWhbrlNVOIIALu7fJZ4ZH/WA85sj1GLKS8Y 1VVPBwcHfwHNRRAEhQN26iKZ2hJt+Afu6ItOa0zd16XKk6cqQU9JyxzMtB7l4g9E S83Y8hU7MIg5cKyi7JJgkQqjl2l9E+pjy86YnyRK/g1iGJa6rAV/9Qb8x2cuyp61 xYI7T9uveA+JUzrPzRmLjVplaYutmwaeIdgM/74O8sbqNRJSp9k0d+7LF43TlTbo XGnOJdHbA4bYuOce7KwVE6JlR6vLoSwyD72e2XYYxd0xh3pwy9Gjcbrf8kvLmNFp Lj4qM0J9dKmcYFJp8lf9iKzJUIEcr3ptvSiv5ncJ38SDUpvU9YIushSfruO3pHg= =Bpmh -----END PGP SIGNATURE-----