This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-13.0rc2-wheezy-i386.iso.sig gpg: Signature made Tue Jul 30 12:35:27 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum f8221a5c8a4affb504103fa1610bb8809827fac5 * md5sum 1e352e890af43044025b90fae713c754 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJR97MFAAoJEIXCXpWhbrlNBVUH/33m7qMb2EsvmjJfbfkJIvkk Laq2/WRxEHFzvvJ1UrrRBd2yaWyWj+1xVbznvWGkRfswSo6cKhwyo+lkYGB+SuEC 3mr1YvaoAv8DMmWgVoJtL37SiqenPxy9h2+SVLFrpdlQIMRHv/yDVZtJjV2CTcF1 mtOkrfdOtz1pmP/so1NEoMoQe4RRPh/rZ+erDU5K67W64LUpJJSNNeTFs2TiA5a9 1hQ8BL6x4uo+I4qRgC6zw6e3LeDWlq1dXgwW6EKN8WXPOTMjR0CVH1MSOkg2MCob HTP9xaGRrEjEx93b+8Fcm5noJOpbCKC5EjtLR4QEhwIBGvuPJ1r/L7y2qiRJQz4= =B+69 -----END PGP SIGNATURE-----