This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-bambooinvoice-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 12:11:42 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9b3d1a00abaa669761e085e9ee4816a819ca746b * md5sum 4f766265c7928c630efa3c4c8c0c9818 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgQZ1AAoJEIXCXpWhbrlNzMAIANMpAay3IDxa4Chd6vziHntX UIPTZPrEqvHSYNwL8seqabEG3eddP+88s6E7/lySR8XYyz+awp4RcXEhi2Gg8rbt xNKQ58ZRwr8AeXAvOoSVeey9swEwBFTACZ6YLOuLrGF9X5TZH1aW0/tC8HqTgG0h YhphVUbGHxl9uV+vYrUUTAoEmBI+zJYAkwgEXtBdAU2MYBcWPERGwD6JDiNQHy+A u5u4oJbf1X2xhGzJ1L5zWiO2GwGxmI+Zpp1IfzaqF2uMMziudeyNUAm0xTyEbD1X IFL3O+0bBieOd41aFAQx4YGuRf7orJCJjnfyYp2xxXc4IR2l614x5DgQGmEWezU= =Xf1/ -----END PGP SIGNATURE-----