This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-codeigniter-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:11:56 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 7c164a89ba151018955a6dc48a5d52150d7ea978 * md5sum 5bfafd6adb2e9a4a9663ecb12ef3944f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/ELAAoJEIXCXpWhbrlNMq0IALaLg32TvOaDu7/jmS/eOAM4 h5BeNeBbCKkx2xJVF0Zvh0i0WXaIoFlCsvr+vCd6tdapa58mkP89uQgxUBv5fAIa eZC153SbfCzAWiflpD8mPrWhtHavvK47TghJG43T8Sac+5b1xj1uqGRzr4EhG9K8 G5X7p9ASkqKm+9uc5AIu8uTMufLEzhmYeeGQRtbm0ZBFdUKFNW7Xqetmr5UNgUUl ndJtFeSOHihq27aZqi8Vpfm/8jXLiZb/+VfEEbRXGuQnPvRhx6CiBRvd2ZL/LenJ sH7hw56gqA+EFLZbHK6N9vveB7haiMRYvr/yQb5kwcSZxeeGwWMOWPf1JeDUkKw= =BQrP -----END PGP SIGNATURE-----