This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 18:33:47 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1141d765f0aaf1ad1ccf6bf5acec76b2f05f9111 * md5sum b976017e4e954f67c88a8e4261041354 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXDkBAAoJEIXCXpWhbrlNG78H/2DEqKj21mSP7OUfHSFH8XLw iwjxqLAwZIl/aBYakfLDvoBvLg+4A/MF0aaeOSiKuWPBCDZpiGFSqJTKqXqGkIff liTbB/cpCHcBYqkynrttEJqMfcPjE5BxMZ+XdMExzDkNMrlq10mABZWNgxI7Btku ymfX364xZXN3XBllCVssoGbETZx8Bj63CTp13z8rz8PpMvR5ftVj4+H+4cTfkyY1 DXpPKNnTCj2ORL+JIYa9/0e2ZFigikbOQF8cltARUbqUH1c1NCy0b4/JGKwUeKeO DbLy2MOr9i+dES4apv6tsXpuerONxZT8QwRWlcfrF00SRa+stzdThpgGDBH3hjc= =T0X0 -----END PGP SIGNATURE-----