This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sitracker-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 13:47:04 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c78a08b83898c3b91d7d2c82c78cdcb2e4573e8f * md5sum 36f677c41d1395630923dd12ee8e4728 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgRzRAAoJEIXCXpWhbrlNd/QIAKdMP05EvWsIZ0ovreBXMVMy rdHN42L5kr0WqShzspZ78ABe8e0iXzY5gErdBI9zVMdDUZc8hxoetOzG/GEAbJlQ ipr6tGJQyQRQOJrSBizDyYFsv7OoKYSFwEBOr49oXpR6KrhQlRrzNJ7PfV4XKmNY nbL1RjnGaGAxGMR3nfl6Er7bzX/TChUFlUSvb047+/tRNNcUJT+NxJSNdIV4DtNe rriZqtI4+gLyihXFVAfkq6YfoHxeevtdgd90mO9FRXYtqE+0864PdtZ615DZdJ0e zFDxHZqpoUR9ucIRvaz0a8aI2x1wHhPjNzt2mYrLkA3obK3LYzCwTVjVfww5Jvs= =dpIi -----END PGP SIGNATURE-----