This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-projectpier-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:22:51 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1f4af7b107b7ab1b31c3f6e3bd0f330a725b1c92 * md5sum 2c10821a46a5e118ebeb772482d00e09 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWvRAAoJEIXCXpWhbrlNprQH/1CO8f9eUs6268E5uGdTwFsQ lizemDwNbFumzVoTBjhhoe/1wZBJ0EXGmYBlruBLXjfSySk4Z0sTamDTQ+ICjy7U 6fl38WfzLSWFB2FS+/Wdq+yJd1520Ot8pe/uxM5ylqEQt4GNRqCT7fqkz8fKgF6x NL2BFK6JWbNat/VrKRPAwL4rrAJY0XN7ZH6g++NQKNnA+Xua34aJ35c++kulX+48 EnZ2swwb1RDYB4p+qFdkn+4fi6nUR46OCcu9tyWDqsFnFGPGYhYqr4gLCpTyblHL xH0nJMpxL8nJnqXZOv1sCRNht0hZp/7sNaJC0XgVy2ZVRlNg40HFKV1hdo6xAVc= =ql+u -----END PGP SIGNATURE-----