This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-simplemachines-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 19:00:26 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum edd6116f40be83b577137deb6b3908a25efb85e9 * md5sum 0567e8829b24cb767bee2d84ccac0287 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXD8/AAoJEIXCXpWhbrlNrWEH/3DyhHS3UDoXUkIzFux73a3L LGAY/7YoaAt8WfrArV2sSK6mod8luwroS5lmebzAZUWZhUYeu06xG4NzYjTfMEYu G0+3zqgfopPkyaj+USUooCJ0dHPzBjd6ja9BRbCSDeMgosiYw4UcHZaN2EhoUene 8aOHQqVy+S617VrBpOIDEYYmmBO8kZxgTBhq1I58jseRBT4vF2iYtkx6SjlVvob0 BPY2E+v6hFf8oLuYE6BdQkzDtP8pVKN29DqjvbUHD6oyv2zH2BJkTERgbOgeJWbP gfnXP+b97vWskosN5oSGBNBz55xNz0wAVY26cYho85bbBrMZUHEWJrHzq9nXRuI= =H1RA -----END PGP SIGNATURE-----