This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Tue Jul 30 11:53:10 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6ec3c2b137b2cc0f6f1afbda4da318e6ae4d1b8c * md5sum 28f1fd542d5dce9536f0493b32edea00 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJR96kfAAoJEIXCXpWhbrlNGscIAIUiRIYLsEQ7M/oiWGI3PZIU +BB9tnMeOz27XczujXTIqE4GCMBp3l2rk+0T0tFsppJCXzC148Sdz/rmdCHswDQU dAObP9CeRBoisDMNs9htQ+FlYzBdcDC0BzradkpSPoGvgpONdfRwtH5jrVKOLQ+e eMbK+BbsE7FB4F4Jt0tlrlp3hRumKWMIUSIFjuI+1Cg0yWVsqOe/DVxB6exUMZxO V9i5Qgnp2taMgcBCvO11rBNl6lyTJA9Iehr/Ji6VawFT1JmkuVkMhOAu2/CTfpIY GtF4yQjTI5+lASynVk6FYgM2WDrh3ytVJQweUDDEHFNZ3c5m8LHuP3EATr2sx0I= =mAHc -----END PGP SIGNATURE-----