This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-otrs-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:05:50 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 98bc7832c4b5a48adebcd547a6a3ecd3c01ece04 * md5sum 218df4749fa3e344ac059b96d675551c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWfVAAoJEIXCXpWhbrlNCcsIANPCcjeMU/fZH9qW3ns/Y7mb MI1aIfAoXf6hVh87Kzj7e+buNMBC36a96wxleOGCDJG6GEg9dmI5taT6ForG9Sg4 AX+WpzoUEhdJTL8w7BWavGr0oDgyFJ4okPsj0FcqZns3xK5PSF+Y/U6l4BXqJl+O ohlDrY0eQy040LAtKJ80wAq4fdOj7+j1xGvsoVmj/O6Q3EKmdaVKZAx87NZ8kGX4 RgZPr0qtU4sky70fsmp7WxghuEsOH8wq3r+343kAlpZynbc9MWlbgqsGr9sz3tMP c1ymGPDojbW76DVQlk78D8ioPBIg1XLdY81Xn5RI4GF++UDBFL6DgWWB9s2L3a8= =k4Ik -----END PGP SIGNATURE-----