This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-core-13.0rc-wheezy-i386.iso.sig gpg: Signature made Tue Jan 15 13:07:02 IST 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 404b562435bb9cf833ee551e38b6e13287e11467 * md5sum e87c87d14273c6df8a92c160679b67e2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQ9ThTAAoJEIXCXpWhbrlNxKYH/iHOL+i6TnSTSRyIg1AEfo0g Fg65nhHLC7IEZOL6kzVXQafJkZoWc9v2pSDcht/rsE21o6Nn6WdRRbDoEi6ZIQu2 GR7VnfRHUT/H1a2rTEx/GbJKJ/pFo+eHqFi0HPdRuE9WK6m6gIyhM1/YqHMRZq0T eY4JA9F+K1AzH2XxbV6dxANN6T7g0jLtaJ+dGOJz9XZoSJJOzfmJK2fiG+RroWoP R23ku3MAX++zzbn47+znxau8TVm1tsh3R0K2bJKp7hPS+Paqaodp5Qa9il5p9qt3 Z1PiZTeCqayb878bhdOjTThkCsX90jZ1SmCr6jd4RSOSPqlrfk1suSHO4xwvquM= =wW1P -----END PGP SIGNATURE-----