This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-collabtive-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 14:55:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 761fc6a6ce889b020cae75c52aaaa72419eed71b * md5sum 2826587f6bb4fcfe1c4dcf067410f069 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXVdEAAoJEIXCXpWhbrlNEdoH/iWuNeu21MNVc/0bz2SI4/MI UpBNN31n40gymEiSVwVsm+ukofCsvudJ2W3+ZWH5UrE/UWOApwMKbU6pXGYJBjLM 4c5IQJWu8eV8qFkwtShbXTUW+rt+aky0KtOvC88fOuRC2A0dp8RSOFSCdbbzQiWY 0YnkXDb198HUMOihKyEOJHnDcXuXRYpNd6FqjWVcvYYA7ZTbtmumPUL24eVZ67hR mn9SMXqksfB2NieoTJ67gJORJSiymNAX3n3qlXhU3cjlctl4YC+fWJDJ2DCoTcAa ALirvtg3hiTHgF3MDBsRoRritHcSy0zaBhtTr1VTHbfoZMyWLOKbagv3kptiyRk= =BEPK -----END PGP SIGNATURE-----