This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-e107-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:32:12 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 54d9e8639d6b21c3e8bf92eb8bca9178f8bff231 * md5sum 6a656cc9325e0b1de888eea939fd75be You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/XLAAoJEIXCXpWhbrlNc1QIALiy70QuTyDWdCWc+eDEU/kR USe4IkKM3UCTcWB3HP0x0Mxij4nhxYSOSp8BOXpWmoN0qr63vQ0IGxNpRgIj69y/ NPHeKjElPwlolNwOf/jVhMP+P8OkhbgzKyVMweoueDvog73mw1HWlRb0Uepv+9HB 9btstWmjwAK1Yyx5HxMDRq1IZupcGpRu59vkLOhPBt8Cn08wwCDHu5JycPbm4a+o nW54z1ffn3OBJh7N1XAsPzBO7woMHUdk7gTHFb/msPXoR+5Qo8K3oCpf4k1SfDxY S4i9F0Q3U5qtOBN3PAdUKE+25d2n5hG3X2y2dKmTKKxLnbL2c9C5URty96J9EQ0= =PPXc -----END PGP SIGNATURE-----