This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpnuke-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 08:37:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 24169cad60a8669465f0288f24dc4bb2684410f2 * md5sum 6ead3e1a70fc5c582719aba3f0657014 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAgdeAAoJEIXCXpWhbrlNWoYH/0gMPbPWblhKyynAVzQO02PV KlDMxs2Iqa+Gi4+GiEsH+EsPwdSFDjVIlIhcAd4kt97f5+mpwgcoPPz8isLj1AO2 Aff3ZLXrcmHs+8P9VMTl9xkpYJLZv3eT5fqJMbEXv0sbnhxd1j+Ta70kiA8+QyfI zFLcXU82Hyscq/IzSuK+sLFE8J53Q0iwx6Vx5Ps0jEzY8mP2iXXvpPYaOV5UKuC/ 7cQY2GZ/+CpHU536aM1o2sI6ZUSDRnAuhAvz0KZbjhgkDCv2UzZj3bhDm7HbA5Cq IpIBDdAL5XJXlgzH7JMfqAQEcQnm9Wdpq0YM6Uv8J1YBMLTEhnBanWDr+5M7xDc= =pW3o -----END PGP SIGNATURE-----