This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-vtiger-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 18:20:40 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 65a29fdd9b98863b45c90f0d24352e29c3804728 * md5sum 5c153ed44fdee8832249dcc4533cc337 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL9ztAAoJEIXCXpWhbrlNwF8H/RMR63b/9v2X+MZSJdbhgDUv l4FV6Hvx2A+mX7KM553/J7zt/EFmioPMpzf8DIUMEyiMGAjIVs876PbtG9kVf3P4 76Bh7bRU7tOS6WmuO9NVOXrbfvW7kArKUmb31iEafdBaLfCwyxJhjOMY89UVZS1S 0oTZRbu5tg6gHtbSdwTxG9n0CWsZH3rDJmC/x6FcmZG1tSOoads8EpFhTPhNWdLj vRlCduB3iBVoPrmKds5RKV6jgY+QzFD9nFudUwy0PUCI5a00xhScbUaNFRYuX/qq wimP58EMui7blC1Jf1zwY8dKy71tW3EO4eDygvq2S/qlVZehmfH7iHvojV1+oQA= =vhle -----END PGP SIGNATURE-----