This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openphoto-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 19:47:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum b4da7d694dc243f0f9d803c851c86542fedd891a * md5sum 618eded38f57c90b2a1771772400593b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRcE3PAAoJEIXCXpWhbrlNIdUH/RXMGSQuQfs+rqdJbMwxViXJ vgSbka2QqMCnmmfhdhyxe/BHq2q7OL4+p+V8ziUbFyngsg0NrAE7D9ubW42dW5T5 l3QW/UlzmOlqDQsFUOHSkK0kMNUOMdTvxvG6nsPtZXrHDuZV6qFw9fZLeKvb8G7A TWT9AJ0gyxkIk9+Ha8gfOK4wvvWt386qjx9lU+j+QTzkwdKnVyf0DL9tuPeymVVe aIjp4SnirOZNtwqF2/ptgAj4nRxKo7fSIQpibEJ8DNmEQzF7IKgUZxpCo0eZAKks beaXXPyDBKJI1OyIAzkLpu1TFWQG8uy3xiNi0DE3kJDx9C6fTPjTFxgob9cEh7E= =l9ZL -----END PGP SIGNATURE-----