This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpnuke-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 17:45:29 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 5bfa04121ca8d929eb1908f1b7c60f1da0cc8eef * md5sum c0440b8dc8e6ae3a976b87bcb27c782c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL9SvAAoJEIXCXpWhbrlNr5UIAI3KnVdZ17Kg+J6V5liuZXVY wRUkR/R6a97ski2zi/zUN6h6S/kjh8vJTRu9WgMppHRkbP1YVXTXFVu2hegYR1QS pW8Gn89acft9Nd3nZ4RkLdXoYSJnNUnUi911pBQgkvagtSa5wXhIQdDZCFMZiFe/ fTX9leYMJ9PGbiUFAuimOh8qJNZ2Y9pnNUT5e6Ip7xWlgB8qVIRQwhENbdW1d/pc M+UnQWqtVWcomyRkhNGPzmP0GKSnIU9JCJtM5+H4BKPvIDDGsiDvjaKs20YvYkCo Hbl/vvaNHYI+Prda5MOYK2ltG+6FXmCmx6QrVfvqR/QZyEOJGvLVc2JFjp2lvk4= =yOO2 -----END PGP SIGNATURE-----