This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-osqa-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 16:48:20 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2544f818eda7f83c16e15ae7ca248fc17ff2b693 * md5sum 1e7a702004b470a7b844702ee9e773a3 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRcCPKAAoJEIXCXpWhbrlNAX0H/00ocmyYG3qhVogJMaaevu34 QlfaTD0DYYkkG6y4LcBAvvPa1hyBjsNt2xJ8zKxb7oxtD8v9R/MrCNNK8fPxMNi2 roc7DvhqRZMiFTc7rWY0lJByuRHdufmBAaoZvROyWntx173JC6LbhGKgwQTs8qKj 0YNql1BYpz041bvXPxggxY4KYfn/ojjSjvAXCxlz0IHbwJ9TOqNK7haUl/al1/b7 D+cRrE3TyBSnowPOoImViGY0P7jXkXaBXQbIz5RDEKyaVlUXCJa+Gge+lrJ54Drg TtjC79oHmP+GRXWdeY2wKgVQazqRUC9SEpezFIRwM/3uNHMEdIdyGJZjT17iCEE= =lO/l -----END PGP SIGNATURE-----