This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-e107-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 07:49:09 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 49052ae8f5f7cb1a0ac82d2d1f9abd906c2a13c4 * md5sum 380aa310bc6ccd7ef9d3353c5ddb2c3c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEbBAABAgAGBQJSAfvsAAoJEIXCXpWhbrlN0m8H9RZomSnEoTflfQ3T4Lk/jjSC n7yHuqUbIPgoe2gTBLldThHtDloi7jDNShyubKQsuySjw3XQbDAUPdbOohGbn600 uQodIZyLw1ZW295hG54dWUGLDUvSMwO7PJ403B4CxoVP9vpI4DtH0ulI8Pm0+9PJ EFmNrOLxm7XEk6Ps+b748iA/4hEYKH2u6pg1gta6MqLPTEWSyHb/e+jPZugqkKhe IIzhPeaV4QRCSxqt+CG8+Yf2QR+5dnRqUNU04N2F61q5vBb7H1HVpljb5x7VxV3S +pccfpMjpnbt/nYH1lRiFcLE9U7W/K/8cntFkwpXV5cwmWDpCgshC6Ahl38Kgg== =paDl -----END PGP SIGNATURE-----