This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lxc-13.0-wheezy-amd64.iso.sig gpg: Signature made Wed Dec 18 11:32:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4ea8d016ad280ec6e5eeb68ac4fc010967600eb0 * md5sum d5484c4b9c1c9eb2982ffc27f98c8a07 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSsYe7AAoJEIXCXpWhbrlNH8UH/2XwcJe6Rfw6GsInxF/eI+Qd Y+wPK4J8XSdxaX68ey0z0XS6QWcD2Zdhk84YvPp3Ddx4RsWK9vXvUlYYwM7Dqp7Z FdNId4lxzwsYdWXsRr3wC7vyB2a9vME4/89hprpy/xEjkAJR4UcmxqQ4n8VEGcoc kUhkhdaG/Wy/874Jv9UTIw8VZQFitMZx1Mc8oF9IwuXmG+8ZRPfecogCFb0ijQZc j0BHIaZAVSJC+3U7z6x6V46E0KyaTonwECC2wJhoonswpITcnRx3wx/3NxYRp0fq 5QZcusxjpPQmpuRmO8pyhVjB/RRQeh00YQDSIAS60YjFEWb6hRkp6pl89GNQYZs= =Cy54 -----END PGP SIGNATURE-----