This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 10:33:28 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6ced314da2e36a532b8543df44c844e4e1569ddd * md5sum 488769795f399d53bff2762149871081 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb8vxAAoJEIXCXpWhbrlNR4YIAOZnc0luORhQKn6/A/QP8PFC lpELui0h2L4IW5NZrD0bFCejT125XE4InQ5dUIOVoWSLwjE3WnjTW/HolxnLTMv+ u7RDa5ktuO04l9kRU2j+vdwaeFzcZP58Pdsa1LdcrmTuT9RVoTBMw/uAlTh/7Iu0 S25Ff71PFVke6Bbh0ll/fWds7nQ0IDpOoxAX+isM+vgdl8wks2SBNUY++EtVRywe 9zbcky0rLLe7OdmHRlHOPdHEgp3raN3V9PP/tZDxWiotlK4w77JQ/SpZjjn3/YSC xxqNULC7GhBjXtrFkqnON1NwW4E6e16cU41WG/RmBJMGqpZKeluymbt7gebDhU4= =BaNe -----END PGP SIGNATURE-----