This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simpleinvoices-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 19:00:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 726894c5c8e43c1056958e986c995ebee50178eb * md5sum a81bd98bb924918a12ee8cf4298a09d6 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXD9JAAoJEIXCXpWhbrlNT+kH+wVTQyCOBUD0IX8WGo1KaEa0 ZM3vaydJdqgSKTdRz2RaTRDAbKt59zBWhJJtlIzGPfJ1G9rZf7RU5XvkrIRoWr9M gyANaZrn8JMg3wkNdNUfrfP1/mLKrjzgkblF9t1ehd2hWNtDJ8ZyZ8E7BNf+052B U85LDBcz7Qy/wwX2sAF2XPs1bpHBjIxgmyemUpenvwFVBQqeEjU0Whp07R2dXALb qhAB54fdj2lUd/CvazSd5zoImsRkwMrZDBN5vQ4u1TczWHdt3VaFNmqNvNVmOHSU A6XdmfRiWddrnkahSWRrS9mPsutf8S3i5kN6DNGYPgvSJmRX3XEzCnfNqU2v73w= =Z+N/ -----END PGP SIGNATURE-----