This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-punbb-12.1-squeeze-amd64.iso.sig gpg: Signature made Wed May 1 13:35:10 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4ec0bee3f48da24d8291f50c4257416f1c88d115 * md5sum 1623f632c9461ce1bfe78fd3381b004c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRgRoFAAoJEIXCXpWhbrlNnbcIAJaREcGDVNEIbwxlD9h2FiFC 0DgzZFvI9cv35uNFiUEXJdvSoHPoSiqngRIFFee4l8jG+OwOUzOaLkLcbK3Es/wE SpKD7hZyCINwJl4iDO/LfjwO8fK5Qcm3GXWH19ZJ9mh1iTH58csH2wwaSfsurMV2 G6omCED1Mw0gBx4Ewc6dPzr+D0xZW+QJ+T0bES53KUaUQeenqJHfE6klv1/eqr0V OwtwsQopGJc7JINjFowcj9d2cZRtH0v8E8lINlLYOGe5aKcY1k15zuqOSbaz1vbc p+KoKmtChNAQC2sM0IKV7yZeFZmrJ1s2KUJYrxbDuCQSS+x/MbN2qJCvot1Zj50= =lZWd -----END PGP SIGNATURE-----