This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-symfony-12.1-squeeze-i386.iso.sig gpg: Signature made Thu Apr 18 14:03:49 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 4dd4ab6145531adc88446d92b6d777b700db05fd * md5sum 97edb492adcae73668038333b6fcc153 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRb/05AAoJEIXCXpWhbrlNs5wH/1nsb9Sm/Emd6iaT/GCzWsMv s4SU6e11ki69DCIFC5dOxvr4wj97jCS1J+vm/1yS53eho20xMAVMcOLIsvAVHS4j hcKFqGLl+fEUEeZfodeV9eUQzoU+NCXOzS+QYVa+JxnhHQOP8tDdLo5TV0ipqn5N pvIys/dHUrt6togZFEznyESPMW/OEiYCqc0u9DXOXqKKAh3klxAxpcjvUN4sxCvg sPEgUohq9BBg6dwXGB70teZ3VLOazs6Vdaaj4qjPVr5ZkLq86+ZUVT1PhfXqa06a hJhqNavuF8cHCzVphsQgU9tFV30ebCY7ugpEoBTrrkzVeNv2jJ6fSBmbiRF3D78= =Xtcb -----END PGP SIGNATURE-----