This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-wordpress-13.0rc2-wheezy-amd64.iso.sig gpg: Signature made Wed Aug 7 09:21:08 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum cfdf0174b7b3f6e4255f1125db7de953a298adde * md5sum 78e98d28332708e1c362e47396a53805 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSAhF7AAoJEIXCXpWhbrlNw6YH/2QFq2cpAVQIP7ovKOoZna56 RlqeI4thBQBQa8wBFLcNa4qcorqfxqQQ8LSMwhpZfzJvWxX6q8mqfKTRnHZ9+bnK rBzkYFQ8JiCjGNpDIxBI5icNPeX6f2j/3t5o/zTZEy9jXXtZSwHUE44wn0skE476 gRDWoEZPPDQxE2ISWcClc5UrR75DYIS5UgS+k/mW3R8Rb8rYJ40kDEBaqDifNRH2 fAwkAJ08IPyTiyJbfCE+BZREL4te+tBS2eeq33EcMSoPoLp1aPLqxB2cDytA7ihf +VJIJNgVSeRR+Z3/sF1n8DvLYKayEpQJEnZTxKOPZkyiUZaW0glqYVf64DaYBdQ= =OK42 -----END PGP SIGNATURE-----