This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mambo-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 08:12:28 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum b9040331d6fbc6e10218a4544ef0deb9f66631c2 * md5sum 6b4bd5ffb987e3b74f89681a340cc526 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAgFjAAoJEIXCXpWhbrlNsyYIAJz7WDhJss7kiLyRrm5ke9wY d51J+WkI44JyC+Gjyn48D5DwY2T0FWEs1Vrr4ALOszZ2bRdgmF6ozXxQlxR11Z+Y YY/Tgynh0hbq7aRXWPdgyMUhoOQBc9ab5NBuhwT+7hBm3NXyCQTe1KRJF3u+dclf TNvN9qXATF+ylGVOjkbvxgc6e5/SB8xQw1k9JxbU1SPo/+j4jRcRf9LGJAur9jcX NBiNWuMpoRzMHngmf57TQF1Vc9kS/tPpdgE5CFxFpNh5WAc+XA0YYddu4jbNz42f oZh+vnvzfp8sHULTL9p9J1W/d+i1wKLJDvCs4XXtArT0G+RdRBGndvxtTdvJApA= =nc8J -----END PGP SIGNATURE-----