This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simplemachines-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:39:01 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e79d69b891ec98c686a7eb49befaf4e4e5d2f908 * md5sum ef1705b1bc39d2ef0ea2c87cb4f84e72 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXW+cAAoJEIXCXpWhbrlNIGwH/2If+u+VxuDOBbBgxDtho6p4 4ZX2u8Hv0i2cnykZTKZ9hLv+zKo8jSAMG8iqfQOfdMjvlrS43vFslRTmvrTrD7+R yyYNBsof5YT6wpsvuuMhcY4IuxPbH8l2/N148gn3rfmoJ7B/QUJ/BTlHtTS3LMVX 8B5hpHItf662ERr8+lklvHZ1jaCq6XWff4GcrkKO0w/mt4T1d/ybw+Ej7cb0AxC3 j80/bVuCsyW9Pgv9VxeifRR1Do1v/ppYWIUGFjRXxqh87cdzKWvyc5vyWUDGtZrQ oxcx6ipSfnL0JkJZrSn9+JLsGbf0t7EJWlmjlMZwiFy9cab9p9yLvd1bWIoGte0= =4Of7 -----END PGP SIGNATURE-----