This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-silverstripe-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:39:57 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8bc4c22d7e0ec7f42ae981b3a62bc1803b589625 * md5sum 4f9a690fce754255c7edce063d4b8e27 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXW/SAAoJEIXCXpWhbrlNGbgH/1RW2FRFnLpTNZGgy+nc2tzZ 2lsOs1CdG9wwVmUbKAM/jO6UEoohe7wWZQ/Si4fx4KdHpM5AtdC2sNQudlpZS7tb 0qMZlYAN7ohjK8Y4tTj3P9DSU7PoAaOHk+OeS8xqeI+5Lk3bHPs+lkvKjj83ppGY z4Q07NngMe9UplSFper+Yw5KkBiTIgCZ/bnE+hN98b5rZmi9YWn0ZDFi6PelAOy2 eO0mGnAaQBy3p7Gq4E1AMVQUlVNfNjiGKuuNKpETh883BjoBz/x/Ru6nw90itoht yIUXo54Za8b5hFC6Bfg40bed5VQ3Jp+y2cMXdZTOwuAcMCpSeXzAETiUnT0d8Dc= =lQHo -----END PGP SIGNATURE-----