This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simplemachines-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 08:57:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6c6cd09bac0fb1bb794d4c498a6d152a8764c02a * md5sum 6f86f10043f60eb050f23aa9d576ea87 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAgvhAAoJEIXCXpWhbrlN8vUH/A2JVwJ/MM09/YnS18r9xQ4E DAQTrkE84pOwKvlzc++PlXdyupDnDsDosXwit3oSeyI/sYAVs7OEFAgy50fEB7NR o9ToV+8sdFHS8O3ocNEzwzyLvCiUhsH7V4BQgdVoAK+0qcS2+/FbEeCoSoxX55QT PqcIVOYpWYw3yvMGDWKRY9kLLpNIEM1+Id6TEV0JNPOhS5bTr/fgpfTS3fdp+stQ go2cdlpmDnVFE2RJGyj48k6/3sn5xWkwJ3wuyfAUZSDR4IzuCKGsqBoTYVI0LDvE W7eOoQaGMnro1j5V2kWXsWVhcwanHZdaFIJ4FZnh7T2so/PbzxTF5kS6Bbh9pKs= =LxyP -----END PGP SIGNATURE-----