This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-13.0rc-wheezy-amd64.iso.sig gpg: Signature made Tue Jan 15 12:51:21 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 69a1b18f038f9e9bf022a4360f35c92d38fb9e89 * md5sum 84ede4ab7c0923d14d7ff0a6a55c1fe5 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJQ9VDHAAoJEIXCXpWhbrlNdzIH/1vTvWOImiG00gwM7cJE7ArM jCQfczLFkKIqJGqeeZoDKt5SQjtqtz4BT1t3fmYC68lGjbfopYpGAUcMig7M7NJt t9sNZSjjHU9oOa6Nr7xFy8B69lzxyVbmCCd4Au8pd3UsLsWsB39IRO3PINNQIruS fEpMMNLUOazrX7QRI3ewbvjP0Fze6TSrxUvvAouGouesKc05vl2ShwYvlm43/JAE 1PjLf5dj6jWTSNG0JnnO/pVF7RGsO5NcJmCDiFmDMv3uj+XgHXOc96HKQmKFPMmh zCMLuOuOwdpYNi/iZJLjVjXAVtTEVTLC7JzMQhJiPewXrHsagryeAh0YjRF209A= =Kkj9 -----END PGP SIGNATURE-----