This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-trac-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 19:27:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 7489e90585fe24bcc337d1002aea547a9c313a95 * md5sum 7d6df613072e1ab238290d1ad20493c4 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXEWBAAoJEIXCXpWhbrlNHbUIALPNPbieATy7ABXZ4YBBs3je 0HAeoDTSi602i2VmNPgc4MtKjuEDp0YCxOw3fB4Ucvv2d1wWUG1PgDR9nIZpEhZw 0rzpIIfXl8whyeucxYqFSr7NHGYTHp5ThiSWC9FiIbMcu+MO67yT40xskB/461UB sqFxkwxzGE5txYMTRFNuiqTF7HkL30g781YcCdncbuG2TnwCT6WHc6FEDaV44LmS 1I3cGkKNCWfsLoSOcmPDf7nfG/UtZmpnYoqSSYHR1274v147zWfW9A5qv7yADSxj nKL47sO/NJTwIlh3yBzxxQJZu19AllPtYVJkfbrT8Ow4qZq7LRA3Q52MI5IICLE= =MtA5 -----END PGP SIGNATURE-----