This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:25:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum bb7f9f95649bb7fac59c8f3263450dd4370d3990 * md5sum 6675d81f65467f283f147d739727fa89 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWx8AAoJEIXCXpWhbrlNYTUH/1K64W8wq6IHjdG4Xl+2yHT0 vgGbA5cLBndTQzUSJ4O4ZBUw5CTZiTB0Lt9DtSpxZ9lyqKbhc1xxfT7+p7Czx+5h hWffETJs7yAxeUIxipSpIEEvcKa1uNpAot4tFxzeGFFcCjtWW2IqfCuHGcGy1t+P gqL3Y2OV53BBAOC3a1Iha+p+Qp8K6xm4swi/qZL+Be/ksBTd1kA5Vor93WF9dUag 6RZssk7xS7Cy1K5W5HXSKc2VU5gVcmEAK5Kwp9IIFHImaYyFTvpvRvPD+5OTJHlW G1OrCq3bPoT6NxNjXxS+xCw4b+acVasNCapwVeSaorLa/9ZObsHoMuwM2WC/XY8= =QPVP -----END PGP SIGNATURE-----