This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-statusnet-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 15:18:51 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0e47c8f0323d908df3d3002aba58eb1f9e59b55f * md5sum f7171a2b168c18d13d131a5b330f10a5 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRcA7RAAoJEIXCXpWhbrlNHr8H/RC3NLHLhzjv8qaUcEyxtCI6 QEbdA9710UZtDFcQW54iAOiwWpFs4rCt/iMmRVxQDpH9kE85Mz32kCEVd2y7CXHp v3EntDoWfhwdwso4DfqulIk8tMlOis/ld7p9rFGwNGwAZII9fPaoWeuJshaYH4g4 3a07oc8ic80d2LE8GDDSP5pAN+BHiUeAC/s2YgUwHJveLab7D1VCMdEoisMqjeTl eLmXFYpfKHKoPhBXIzeNZl2AS7V1wFv0joMJgHhpXpSwr9t8Ddor6UBCfNMLqLWv bQcmXTOzK1BV6IzaMIL/7YoshQLtDfW7pcn7T7JwsMwa8O3EfMg5QGRyYQbMqNQ= =wg73 -----END PGP SIGNATURE-----