This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-12.1-squeeze-i386.iso.sig gpg: Signature made Sun Jul 14 11:58:09 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9d5e81ea1ebf310f08f6f72ed24e43ab7ce3f0af * md5sum 475611a071300429d1a56782a6fb64b3 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJR4pJJAAoJEIXCXpWhbrlNmNkIAOgCBk/Bngr5pkkQA8i12ak1 HZwPZwhMnqLp+MTmqkPYZCbG1JirsR2aXJq6E57snbQHPlI87uqekKSpL9vy0jI/ rb2fnQ98GRrNHwshJY0r+Uj6AWwMMo7j7B6vEQhHweR1IWifrdHsPqJccaeOlERq REHOrZA8VAX/1eaAAm2k30vgCuHOBgaiZ9fXojGXpji2nLlSIiXiYUCWfDUcM/MM TYviV2tyvety+nVw+E/0M3oMu5XnI/5bZc9Gi12k3RoMfnCy/0+O2sfU8e/U8tC6 jYYAMqL7S1Anm4btLHiJqoSU2h4YNnZahn7lzgnimhtar+vjzX+RWOpLwuTnYcI= =l2QO -----END PGP SIGNATURE-----