This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mantis-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 08:24:07 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ad7123281cab310d9701b6ea1d797f9de0ff305b * md5sum 98300aac22b22dbb93976862f9611674 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMsueAAoJEIXCXpWhbrlNeQwH/3C7XBGbWA30xRH6mj4IreS3 HbinAWIvDRTkogsNFr9Lm60q6bdfd9Tu8fvJ6A9Aqwu3cB8HsXevNCM/CTZvWFwU XKG0tATAyq2val7l/Hhj7CGZyCnOnKIC+xzXw+msDyEVD8/PYYpWfRZkAiwmqv56 5659kdh7dE4crbUF+hEJuebJO1UI3aAO6C9viMG2GkI6ySw7axQ+zwDEKNFg6TnI cYOhc7aQUibzjz9jAM/n9rkv70sG6kaoPd+haxY3UJjUrNhRH3hTmGZn+ulSG6Ou xzC18x8rbMvN9UJai9VzorNi/YMonZGOyk0m/CLFMyk5x7lfhufBVLnHLiD90uM= =or06 -----END PGP SIGNATURE-----