This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sahana-eden-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 18:32:52 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum ba6f12b2a250f19779f957f33964e190511edb4c * md5sum ae7fcb716d23845303fafacd8002f7f2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL9/IAAoJEIXCXpWhbrlNiEEH/1kQNYq9UYXraSRZU59EgBsb lADpt461xF9BGOTLepTKOBJFb7qy0kxqr3fzZoxCfkElxc+/5U/LV3E29lD4g7IS KQZxaC83YvJVxhd7HQuF5AVxuenewsIGnoRVU/J9xsaqPUhPL6OTZSx8bCoB/Dm+ IMwdqaLt7T2QD1HsJLLICOyVKKDwgux+xYcASR+35z6U1e4LdH2dzQ/ynUnXgWjd YdeH9ClHqcmmN2u8KRUmXRzDIm03u6R/v3lBRqdglnVOD0me3OLrhs4VeIbveKX7 LvCsj/80WfWCD3UTAEog1tLkv+G4yBi1Y5nX0ZBAzfS1Y4o9gwsLbVkl0UoxuCA= =xHgN -----END PGP SIGNATURE-----