This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-bugzilla-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:11:28 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e073b116cb2835cca7a465b07d7de78b108200cb * md5sum fee49a70294980da47efe8c7b87df92e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXCW1AAoJEIXCXpWhbrlNa4IH/3bXsTLndXNWLgj9hYwEw6Jq jfYeMTw749WptjMa5QoeixbpdZR3UC9QvI7ExKJQf3LjoCXHYvxbBBGX4W+06RCb RPO5b+qnTL9YQJKZMyEVTPrO+opHzBpA6ncLCordH1Puxp3U7x6tCPjC275AF1kd BxWdlQ8uaK0KRvuRqUFZ+1UdfLnR2GXGZjCHS20joU9984fLfLQsV9WkvjdIuwiq xcShiqdHN6spPYSyUpr5Vy47YFf+doVK5CKXexfV/XhzWDglbl+xFU4J31kOkiUl xg5AiDgFaedflPUWAQalczwT/YmXLO0yNK8V44JA8+/Yt2toVdgXGEfWahLAxVA= =1j4V -----END PGP SIGNATURE-----