This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-collabtive-13.0rc3-wheezy-amd64.iso.sig gpg: Signature made Fri Sep 13 07:46:34 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ca4efac8b1d73c843b9908546e279b14da4cc81c * md5sum 8912a7a65fcc2f6b399c7ba57f464e41 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSMsLSAAoJEIXCXpWhbrlNgkcIAKI70j+jipbpMxpsAjeyyZ8J nrMZIBI+mLogOC0uKuKB+pUsN7H2vHBZNs3g1/baIImlLFvME33k6QrpraLlU20v Cbz0dzpRSfa2OteczcWfrK9eNGTzBPKA0O7+Jf02sM/5xAEgAIGjP/aL0zBu3vlg ZdqLgRlLC4B3jBW8Np7LF7CIO2naXLd9Ecjxk+8ewNZTToviF3iIEmF3AIHEPLIv CLQ5+PZ+d8L0+ltiOwMIz05OrEGi8NohRoyCeMVNGWhpOngIkg0nVCjFggw2zidk ATBReG5O1U741IxllFmQkLTFRP6Ow1+LG78b30gMKptKLFPFTQVahrWnAOUiHBs= =l0NC -----END PGP SIGNATURE-----