This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-deki-12.0-squeeze-x86.iso.sig gpg: Signature made Sat Aug 18 17:01:51 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum d97c25bcb0541310069e5ec5ce9eacbb2179c105 * md5sum d28e42b918894c69e70d95828a48149d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQL8pyAAoJEIXCXpWhbrlNk4kH/juLlSG6fMIp0jA24/EADs7j u4rG8V100ml3SvgmsTZ7lfMf6EiwpxooNeBgaReRy1FJlh4576yd4RBIhxMSLF5X xBdFBOE5vJfcT5OLQHsUShPfAORKQMNk31/Vzz5HotxIcrc89JJVUxqCZfYRkoY4 UIbx7FRot1eDS07afv7gwxzXV/qv7BygcCkL9Plwpi6IJiVp/9bheGGHwFz38sHj /ekoKKSpdeBs7T/gGgwC18vHO0rtHpz1i724nnRguIZ7KoXCegFItEKIzUAMvk7j sSJx/cEtWugn/TGF0Y9jgjIYWadOTKuXk+UUF+Gyr9CfY9evNYl7Jo3k5fdphj4= =3Lmu -----END PGP SIGNATURE-----