This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simpleinvoices-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 13:47:50 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum d2a50c3c3585cad1eab46a0170161c8df753d9ed * md5sum 74c283a27a975a3f47563923ad60c254 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgRz9AAoJEIXCXpWhbrlNfDEIANrs10VDt8w8RvoZfbVlPAr9 rMSOivr1LzgdtWEAxVe8JNvQLBwZ8/KcJ6jb6xwsTP+ue0YTrmTtqpA4qtKZHLvs 5HLYV6/tneuJ09ajakXOEGfQlmeLSRPJzRaVacdp81jc9+ZhWDc3PQeC7kBIfr82 XWxpPg8HfjTU2RFtjMJIOPihtXK2LtL3OiKtee0M9bhmYkN3OjoTRaM8HxwqXI/z WSmkSixez8lCUru9CPRNdiyCczInmM56q8MF/qWaGhvLEwwxcjDw2cm9v2rBpfHr kkhlePUrZex85aBGI1iqG34q1bcAEB4D0OByTDn1AceoAcm9PET9M2/tjXIWzIY= =Eh8j -----END PGP SIGNATURE-----