This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mysql-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:19:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 850205c73111bbfa85c4af938c1d233599df6270 * md5sum f2019c90c1b113a1c09974e0cc829b6f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/LHAAoJEIXCXpWhbrlNHpEH/RbxBoT1bWQBU9y0sBg9XcNS yRMn+gxBSq4IAday9qYsAfeZAXhBhHCtoxNl046tR4lx1aqrO47peH4v+CNoPkTj YfXZNMPczYhx1i/j+heucCGPYlDK1mM2qDVwCluPZkP87qFXwe5anwKEUQHl3hOC VG/m5y7IQ7SSWaiczuL38Xj72vRxMmaFROuTBPbpwz59xtos2fsYugsHtojTCzMc nhU1x2tvC6IiFzA3IqDyOjDwhPsYis+CPMLw4eReIDlCmXZP8cklK987AMgvxGiX Q4FEtr7wXNIjFPxKtSw7liZfrsRjaP94Wv+A2L2sk+ytw2aiqZMJl70vOHZEcmI= =IUkI -----END PGP SIGNATURE-----