This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-e107-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 07:51:38 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 122336edb32dc47fcb85af23c1a934af0216ba36 * md5sum a283516247d3f8a6b541f198fc31cb8e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMsQCAAoJEIXCXpWhbrlN8WgH/1/wF3+060Wlgl7O+icKcNCy gax2Xj6tn7vx1g2iDhii9m8rn7o0oaZvfkBeJ2uE0ysiQvJv0bVjU7uUm3h3m3dU Fb7rdt5ZJStKJJM/Ygh6xSwL5AjDmcIB/ktUeWZFH1r6GcEdPgxj9BnP/SEJwqPY PMasp1b4RLVzNvM1V55rmun/ZVG3vLFcr9i9FegqudmdCBKID3Al4cdWvD4sjZW5 iewk2elJmvi74AMOjulNDcbcu6ClOPipMiY+j3kmTP11Z55LwhJ9XrHHZHyuWwGF ZFImXFRFwh5bnIWFyxiX/guWrxucQ+Pis42BRYAO+dq/YGFYplBw33XFWk+VSEQ= =WoNW -----END PGP SIGNATURE-----