This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lapp-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:51:17 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3301d938495e483d2dc011b103951286345f8b22 * md5sum 0bdd9e85bacfb14d29a186f790c7c1fa You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXC8KAAoJEIXCXpWhbrlNvm0IANME4fGRsjBUJNOPu7yxGv37 MZ0EEA6FXQ9NSwobTKiZ3NXCdKs413SaRcm8/hYIjZDrB70j0ezBZKKzlE72jkZI ie/UrQDoRievYgkUFeiWs5vpAA8oHLT+WrFGTrFEzEAQWbIpTA6on46pLJdbZQJo dc+UQyhlZV3valzhv+By+HbWWzbX+PHTiXKYfvNjH5cbLo4JjTJ3AIMidt4dycIh ae3G18/b3F0SHsyrLfY/VKj0MokrGXnswsjaGfnjui5AxMXWOvPghtcOmifkL8GO vJwfRSRdIl2Gj8mm8kfIn6GcfzcESy8kskLwhWq/mTj87f5gcLt9g0oYFf37bYc= =9dnp -----END PGP SIGNATURE-----