This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-gallery-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 13:34:38 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2c899ce34abab2d10c7995d5abc8aa8326d331f1 * md5sum d0bea94721957f1bc9d8b2741a536b5f You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/ZRAAoJEIXCXpWhbrlNHC4H/2PiNH+Lmy1Pc2NXDuEdDzIY IC3IAGZv5itZ2kOAOj8RXGqjaowd1gnZob25rVFWXJhMMvsyATgh95IYs6MYC6Uy uGl41QEw5uTRoFGbCmCPxdCDyEGHnNIqtlM2Lbh2rO6pX5eGRzVtZi/ZWCzUjFky WxZzvcTe7JgjGaHCjLs4f6pNJU7uuaEQAjh5c052R8v/VJHO35mDjhRmJ0qBatuZ trUpYdHfjr53FzsiiT+d+FQ1B4IRuCnqx1/8LisncR5cuC4LbHAwlwFbgbz/Aj26 7A18Xu3SII7fpl3q5y0WEbtg1pjpi8C5WNvEgrmjnEfZC2/R8lq+YihcgxNs1ME= =yNks -----END PGP SIGNATURE-----