This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-wordpress-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 17:12:23 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 34b73bb2187f45566e8bc94e38de618ac3bab00e * md5sum 9894c8d1f4074b68a56751ecb5911eda You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXduAAoJEIXCXpWhbrlN1sEIAMa/xtdsRF3fbfQZRGhwprbK /QuQNoakRFdgYyeXD4WCI05TYj1KkqXfFvCF9RzHF+XriE4F3x4osCfkLRMXTmI7 sbHSq4iuDNfjNId4VekQkmddqehv4nFEhMO2iNY1ivbLbB+5wa93J1QIn1xBaf1Y WaOtktgsPoaET2WDe+CHJJRfTEcAN6gFPBKSdXR3oCh8jEXcm7Nu7ROMMGRr72lH 95Ebj/MNPXa7deBy0w0SyLn7tfKW/bXjiiSbnbSMHEWHLyr6FoKpC1ZJRTpUSGCv /G0dUbvY4hJ7+/pdtCgBaZbL/Ozu/Adwxx9oEV3hariAcp9qd/PQ47mPuSI+pbM= =roqC -----END PGP SIGNATURE-----