This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-jenkins-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:46:15 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum fb309b2cd24554345158dec9d1301a9eea58cd77 * md5sum 483574c33be359d3c25c6427cf12e975 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXC3SAAoJEIXCXpWhbrlNkxAIAIEgTkUx8oRzhiTeATrW2wMu M/AcL/P/GG9ahTga2aR9fhM+GX6UyC0b+athBA3e/sX/+5NPnLWbOOTboYaTLRJ8 qG8RBiEZgz8kBWm9R6Z+IlSVT2iPUO/W5zg0Acs7qVun1tbNsPW29nIguSUqc9VR nf2HZiGDf2PWZPL285N+XdeqEDba+5LI/j25NR7v3srS1A9/80Wv451U3SDOK9J1 hP9KMIhc+u/ezHJftp5oPljboN0gNZahgTr/UNOY59QqKyqI8fk4xTCvDSblQNLN osE7G7z6Ejkp8HLWP1u9THmBdG401DWvoq12L3I4gyO0eHuejZ7h/Cm9jo755nA= =OkVn -----END PGP SIGNATURE-----