This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-b2evolution-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:12:20 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1213888f4df672a0f0e9d196ccb4935c0acf42d4 * md5sum be98ab45bc6dbd0e135a681ee79a2578 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXCXoAAoJEIXCXpWhbrlNBZcH/0sfxY8O+/u/F6vbEtr9PWBj dKIhZe8e+KdOb7Py0ydlxlGYvVk+IJEHffNFUBuVsXPzdjALuhuHVPbe/mgkSRyU 9AM+sPFdWEw5UMRaieDczL75eCGUAzIArajPu+MJVkHPcPdffh+DuDJieRUj0cNq 4z/DfQ0yEyKD02MjWVbGAwWROUT05P8YyRItffiwVC0sn+iy06jNZK7sb57FxXv1 cvWJ0UVW33l+JEyG1zEQNIuWk+A4a+Fy30rJpLhRsMZ83lF5B6Q6FXsxx2I3jFnr Oul5XJFDbbkRsfZnDg5AM7qF+rvw907akSYPPPYIwHHnZ6VRQvr1ggZEye11N+Y= =mJWW -----END PGP SIGNATURE-----