This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-xoops-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 18:24:14 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 6c30037f97eb81210907520b04bf5ed409326ed2 * md5sum 9eba2beb424b3c119193813f67824955 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL93EAAoJEIXCXpWhbrlNZ7sIANmf0dwm3MpdSch+8CuYew7t CjNiyHRY1Mh4xjKIbHDvM6B6JWiP67MpS5SNlkbCo1GOk+na4U1sEE6Ygdol2HTY a4GUR4GJiU+bRyv1o++u9OurqZq6qDMtsaZ5jaozIuSxezKxJTqHNWm8gBEB1NiB bBzl1mh+X1kjQ5MiKMMHsuFtHntXJnhtIpidl7kvDBavIo22frmMT5A68Y05xugR +7pbpflOPZbxpNeeBgZuUGoYQ7qGkVA/ywNcpS+89ojI+LyOlzAazjPN/cMccNbx m5CJI8f+3GA9KkoQUOsSPxvrl6kJrc+97anCsR6NQKomzErmjlGxuCnm6l6tsoQ= =4xod -----END PGP SIGNATURE-----