This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mantis-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:07:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 06c8ebe373e5ccff24fe70f8c742041fbc662422 * md5sum 7b3c3c70b530e738bdfeeefa44999497 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/ASAAoJEIXCXpWhbrlN6NcH/R7wpXw0HJ0eLBbnvDgBeGsw 0+rZ8yXRfRrHOqvDZthPpkc2un9At4NvNoV1a5EkFROEDZ7ePLNuUZcoiPqvJ2sh LqgHT6ikEFbuQSVn+gwfiVTWJHkbhhHbwPthpPl2F/pIJZCM0+i7KNSM0xJojXqR UCEh0dom3m2RU1qJir4jBfAEQjSxVkhoJ7wb9bFF7SrkJQUxfzyP95ug80k2P0mh 8cpiQ9b1DNL9vZyyYCV5gb4Dfcfv9dl84yzV2klZU4kwsGMeF6cVW32cyk8bieun 1rO8f/49QUGN8FY0AuJEbc8NcPwQBRfHx89LzQ9+a48h/TzhFm6lnHeDxXYMnro= =9Pcb -----END PGP SIGNATURE-----