This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-processmaker-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:21:06 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6e702e69dc81fab4e31f63e128c75961ea0dabbd * md5sum d983e8c9f97fced4ae5917006f447bfe You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWtpAAoJEIXCXpWhbrlNGy4H/0mE+Ux+vLN7QwdLiwSA2QtQ xYGZS0XK5dBFyErs1weuwK5NL2ai6bJcr+eMBHE83nrhtJKpJLQTblTjv7HuPgfu KFmpZnLbp2qQfQg413F3zff/j897LZIWhhsrIWlXUluYzytKeqMtRThO5uqa5+BX etYNN1gBMsDQ+Fyrwh9pPp7wVYQLxhwuWEznfAzjkEeOxvOXj9unPSKRiW5W/Ok5 q+A+0xqfbD9WmpSYBOKNdwNKIGOIexwx0ZeDUp89nJ0hzMAgSQRvL8ue0r+2V7ZQ w5EoDtLcXx2aafm1tGp8DPyXXDlL5iCAIbKauhfWytzksdLdCta5D9SUC2ZbONg= =L8Uv -----END PGP SIGNATURE-----