This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-torrentserver-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 09:10:43 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 51912904e6d863e7567ac1f9a4e2f69b14bd5bd7 * md5sum 388282f0eba81a9eb64610ad3ff5828c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAg8KAAoJEIXCXpWhbrlNED4H/24Ljo/P/bxIi6IcaSPH58hX UoBAnP0sqTRiIoOZ0DlWinSQLinNw8BfG06K4RlLWdBJahdLh01vF80KfTTkTglT o/qAbJn7H4SSnHFCeWki1/lCalt3qw89vhLl3ZcgXRNkk6PFbX7ewuhfN5HHjrsL djRO7D7fOCqINJKcmdv4KWDkLZVUI8oboAGxOw4b06/jeI/mmHYPIGGOLlw5Oag/ J14/ywdrMilfDuqBJhTOc+HSCne3fLFyg4rKLT3cqFkLiPW4OWBfiP34L9Snxzj9 9yFWNialEh8mxwMGW+un4BDGK3MFzBCfoJNuFJeWfiO753FyI0sdLRRp1SpG3ng= =Ea1R -----END PGP SIGNATURE-----