This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-14.0rc1-jessie-amd64.iso.sig gpg: Signature made Wed May 6 13:35:24 IDT 2015 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4a0946979bf3ba20e9da600f0c897f7d0e896a2f * md5sum 3698a68267b6c6069f080383dbee47ce You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJVSe5oAAoJEIXCXpWhbrlN7UgIAIzcWQKn0cuKFTzkhDrCOOul ovDDt++7W3j5a2T59ghss0PEU8hKR+JgU3l+zGzg/RowHH9wscdxoJCFXmQTwjBy lfn2ywZPQRYQByyv7nl/EfdZr1FVSpIK5QL17GLmGDhINz+WPoYPOIFdkgcQ5CEo /7AXQBS+/Nm6gCQJy9UUf2hbq0gMTw5slxD1hAjO6gSEoUsbbveMJNn8R3M1/V+X 7p+1pyX+nTGaut/Rl3fLXUEm7B9K/Wut/FrIT/Hl8LUciTQPwX8uLsEog6u/BVoH Ggj7O6u1Sis60Z3gquJqi0+3Ry6r06pZAPwr4AUIoYC6Px95e+zG/YCUh3DoRIE= =TUbv -----END PGP SIGNATURE-----