This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-domain-controller-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:27:54 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 25d207f646f2a71a35b3ff604403b8de5fb16466 * md5sum 2cefa0ca8da0d78a77d6b5b32f58c937 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXCmNAAoJEIXCXpWhbrlNxqEIAOskvzv+XawjS0yeEjDtpSQg rYLvfpMqeABVQtaXCHoBhhjrJM0A7/TVzYHmcjCFFt9PpFlJDrIYztYHfCAMVxR+ ZtF5G3J6hHDxpRBclK6nhz9/bXdzEBml8Rd2Q2unoxXm70TuLSgH2O/cW55oMjPD /sUvjCvwklZ+q90bULzfwwFSZOFo5VmxiAwukb4mWXr4381dRl995qCT+O60gh96 w8i+1475/utJixdMBi6B7BIrKNt/srvPFg5Odw2ncyW9a+rAPbaRbi6x9inrLvGZ MGYJnIizVr9x9GUSulkg0kbiMFcT3ZbY0Q6ONOBkzOFwPGLLbGanjtJxM9Tx250= =tVCU -----END PGP SIGNATURE-----