This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phreedom-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 18:31:31 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 90a0d7fb3ac9f3108723b509593e10e26514057d * md5sum ed98db17fcee0299baf1831ead77980c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXDh4AAoJEIXCXpWhbrlNQuEIAKa9NPqCbi1I3bgESJa1wqmn mb/WCQ0yE4uy4ewCy9+09geIxf4iFNeDUKo6x9a/4NajLxvcZ21Eolg4ge04KXph crewTs45FSyIEke+fBq6WSPYiyylE3ITYKp4hQmrDLXf626ZCFpk0yUFIheDEahg DVuaxEdUnn2gCRwzuNEAyQhqHdTyhAV7AECbsGlFJ845Vch7o/Fw/mfKuRy5sEJi jHAzsTXyPGdQ39OWOqdOB9PTKmq2l2dOqyK9A8jjzAdktpKMaz12FdNDMYIvCv2M Ugvrpll6pZPm6ER6PxUSRjNN552oEiyo+C7CkvkXAqMRIBPJaV3HCcRcNbnzpx8= =B7lK -----END PGP SIGNATURE-----