This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-nginx-php-fastcgi-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:51:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum acb4b9273ec90f462f0c78fee5ff6bb2a5556ce7 * md5sum cd31e4ec8aa53f00a93f5b456bbc174a You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWR4AAoJEIXCXpWhbrlNmH4H/jWQ4eHbobh/xgXKv31QWyER ZGoiotdzBEBz1xF53mPPnh+XkYX1V25XK8uPiT325hCuvnRVVGYpm4sMsYhEVFwT Dt01CmTpsvXUlLK2e/yscB18jojllCT5ahsD7xh2/V6VJx8xO21ZPPKrgnMRcp4X IKMoLj8dqACzUBTur6Xd791R3nVI2mNw/0yUMwgJYYl+0xCeftKEEaEdT9fIOji9 T4aAUyFJKB1Q7mGvj+PEbFGpEzFWSMfpR4HDuwivbSQzllIco17baUMQ1WlnyfsH 739FV+0xxoJg9jGnmLSuf8Z+/SekiFP0ysoM/BBbEKCl+i5D6UuVOXORMpXL+/w= =Ziu/ -----END PGP SIGNATURE-----