This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-revision-control-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Sun Sep 15 12:54:35 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c21fc5b9f07aacf2b984fba1f5ca97463700df19 * md5sum c898763838c590dd015a1a9d5a7540b0 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSNa4CAAoJEIXCXpWhbrlNCbcH/2hYw3N9UfFmbKw/R7g6Ede0 YlRW4eDfCb8PD/kQGsb6fw8sEBp1N/JvRhLKu3iijR/cBi7ZvYq6wX5bhK348WL0 UVFcBB7xlqcbs1LhXbG2+eoi11odvsnYjxFUFEaGDfUsLm81OfUxezH1+J67+1wX Ji1KfN2PAjPs/I1kUDV0wQomrlEwt2wueUEKTJLyMDQCGjo8qWjBXXffCglSEuVc CpO9pM4n/Rlrd5gi99xnpMgK47irNwc2otP8b+/mr3Ie0FR2TqCvUDNcst7FVMLH 2NpXZ4lRbT4+k/vmfrnMlJr5PmgQBKWI5o3ip58Drr6TBUyeb4KeN4YJidxITXE= =tgU2 -----END PGP SIGNATURE-----