This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-vtiger-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 14:22:25 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 115da1aa0b7a5026081074a7deb2b983f0ad2638 * md5sum 39afce85e67d9d028afca734fb8dd86a You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRcAGUAAoJEIXCXpWhbrlNTz8H/1d4DaHvO31MDJnlpTT2VwM3 RWTjH5qbYT8roVebi6Y04Lz2OQdeky2nP06A/xhn5syulUWUGsIudJRDoTtzWCQ1 Q6EeX7UbNKCgu1F3eLMAEsjccwGl9O5QRC6SgLoyEn/BeNzq2KT1lX9LWjsNzTrL TJQRaG1WEMmJMzy/MOWDcHPfcnW3PBwaP1juSTMw6MAe3ZgefzRii56CciShF4sm TOw68YbJQO+b1w8C+akb7LKtTolVi2RnXIr1hy7fYuUB4/7Owo/4wK7UrQ+1cb8I woOl3XApkx6xNrSRGz9KymfNt5wU4z6IDORsFqAFopsiuFonPGdxrqRlVsOlD+w= =hh5K -----END PGP SIGNATURE-----