This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 17:47:45 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 2343d507e7b3eb46fcbdbef415b862e211d2e0ec * md5sum c2fb93823220f92eccc847b9addd3d99 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL9U3AAoJEIXCXpWhbrlNS30H/i4jtpdGJkyyle4vCfZJ2d/A yviSjrXUQZU1bzORdCFkt+gr1Mp1f9jH96W3IuXexaUqywoHvegaert0YQf5AjQp UTuYwZ3anvYD2Qux6rgpNYv0OjIq3cza/8OQrNeMR6e35DdeBNUjU9HeymzSoT45 /kwVFUvWziOkTe7r0fvoco47QNszIVpz0Qqox87bBDvUUCl/5gx6YfRvdICHNuZl QLX50GlEdjcOSsvDXgH/ZCfdABb32HPo9CjfCaNthqDotQyVvbURj8ZdlcCH3xVc DnhmTsIr4SCyre9MEG+EUOYX/kEv9gLMe5bEH2eh13Gn4kBm3Upq9CkHUnInU6Y= =zENw -----END PGP SIGNATURE-----