This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 08:54:02 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 05538006f8aaf2700f500ceb3e643eac3b00e0cf * md5sum 4fa8f88b7a6cf6db59bce6eeb5c2d99e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMtKjAAoJEIXCXpWhbrlNcPQH/22Fzx5ixCduNWbA9WI9g4lg mRndMAztsWHxhGMvLSJ/WO4o0h/Q1YYk8b5+0jSQ67E2AdxLXz+58MAFB85ruXvO pj0OzVJOZ5GouUJNZcogpSP89NDDpOHUWwTwWT0sBHkvDcTkUX2YHVKRD0NK3qrb pGKzqxEnzJ725CxMrLeImx7kJRCZkiXTRBbaoQ9weCY71M6HknnrqLGasEgih9fk C9309stZau/3+PrIf/sHefLtbhDtf5kAWjmz+mQV/VkK5HDpUmVAWPLvMXMXn72P +65BEW8Mdd2FpbefR6ndpKy0dcbZS/E596QptAeVbuUyXh41CrAVvegslblyUFc= =GPRh -----END PGP SIGNATURE-----