This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-punbb-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 09:04:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3e73a9586757e390ceed3015fc7cf94915f875a9 * md5sum c0009b913061fdb7e2243bb7c21bb4f3 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMtUmAAoJEIXCXpWhbrlNp7gH/1DdgnG/8RN6+1xeOzzTmqik Dq6HtunTEIvnJlYuNhk2ubrzWwjPTx8MsHQj7zz95mmxcJStHjlOlNb8tSuu9+cj MFqaCzarLwGfmp3iYr6J6nx7bDP4DbXt6F9XExCSozyWguwrccYU72bGvkUz/TrX 8u12d3RgyoVdW7Ar2vc8j8eXtAgrTOifPL4kn8WbE9JW4bFtbvwmI+0NGp8W3B0u 9JNkeALjtWNJJmrZ8oE8SfS9XJPAT4xxDbLi+tOPFmWUnNeB0uYmsqzbLjr1adRK 0CF9q2TfimypyWE10xRAM7SBFNDEbYjEgtMOcfPuNyDIXo54AtMG98NPrKAmzEo= =z21X -----END PGP SIGNATURE-----