This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpbb-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 08:49:46 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ba1c1c9c4e520d6c24750041782954bec3f3e895 * md5sum d028d9b3552d7eb12a25271ecea9f52c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMtGiAAoJEIXCXpWhbrlNBFYH/1sEXG/WfwW02xaHlnvwTkR0 8qsuwJhoAXuvHTAmeqR9sfKqBPSEoRU65S43yblctMBT6/cORRZsMCEMpVVQ730Z 2GTHOVGkeqeZwUYcQy1jm77YGL4/FSJCzJ6SRnFujpMhds7lMGrBbZHS2GbNAWbL 1tDWb92AsNBgWC8DCz1XXDlLtMJccbo93HSwGwLkDVEbqWBhAq0lgRlOunR4krkV Yd/hxsUZQIz11nojE8lAH8IXvI6w23uq1mpvnUuzYHqa19A4Lxn5aRTNXy5rlHSl Dw25dg27pKIbcQo68i7Azk7UbPMnRwgqyAhriIJED6pvRYygQ+pSxfGDZL7rA4w= =091h -----END PGP SIGNATURE-----