This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-drupal7-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:15:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum d55a4273e8c40959f07e45104111139d631d6190 * md5sum ebb592e71b19d783c0cf9f8d5c54a1fa You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/HNAAoJEIXCXpWhbrlNEPQIAJwg23VYgBKPXD9gQ9p6Ia0g YG/Ppwt2H6W4GQuk5rlVAlxPdqkPJL24OMY2X70ArWyGsfjXLXlZFZE+RUKAqcfc Ve1NWM3KzYrZtaDxnfppldbch6jbkCszgpWuTbIEQLZQbzh2q0rjXNMUG9M13iw2 YCkMmhzlV5I1oOKitAwniqfXJSs2lrrTr7YLilPTcoKOyj/J7kA1qJIF1HCnw4de xGKwYGHEX+7+mweWLy2U99s+ZXL+lWBSJj4jYsdx75H/3OEdmv4AbGGXdbAK2M+D zOB9M/B+0gjBsWWny7R90RRUX880vqpz7wdHBAnWW+TkkZghWr24Xgfl6w6ZK9c= =LodU -----END PGP SIGNATURE-----