This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openvpn-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 15:52:18 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0a1b1288e1980d6eecda542271b9f3df9687db4f * md5sum 409d1f3d08a5abbda5e40e46df5c62ec You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWSrAAoJEIXCXpWhbrlNI2cIAMDpgYECHPsArGhgqeg6UIED G1G75SRs7vuI0hNecuRerxr0oYEuEawyyQ6/kbIKMCF58mX9XtVV/FnMshR57mSn oKKTjBvs9psp97VcjlGW36BAScy5fwKcgByN+t7BcDtk+Nddqxjqyy/T3C07tYy1 LB2Zs0CNvHxjmXdY5vDOBVcbFpEjU7XF7NXQkbbGP/eFAJW1ngvj/feWQMJT5897 MpFTIrg4BzKue/uC3Wyc1XnAmkdqkk7WUGuUqYx6rGEcX2zF/mm2lRluuPQjfGPS n5nVB5aV8axa3B6ZL7SBPczepVBlgqzeNp350F9nEW/LxFC0p6jCO0Isd6katB0= =GasX -----END PGP SIGNATURE-----