This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mediawiki-12.1-squeeze-amd64-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 14:17:37 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c7a19f5340b677c7928a84e71badc0d271831df2 * md5sum 317bcc867b566df3d7cc287f5865b57e You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfb6AAoJEIXCXpWhbrlNOJAIAJ1oWHcy2tNBHCYOy4M562FE 76H86ydS5lt7pOZoO6FTWwQCr/HED5SbWLdr6yWP/w3gTUHobxPcI29FRjyE5Fju XruskcMU9Gpxcupti7ViRAA6yZ0FDP5Q1HwY0H+pYnd+GsWBIwZkDNawS92a3xmr bf7IYWRdtOcZFlT53SFfvQzrvYnjx12LAwV7p2b6nW6iWOxKwXdB1TLrSxpDL2q0 8sPK17BUGCSFqQTOKcA29QCf4y0IhxYcds1IO0qSVQInr30Qp/RgZ+ju4vNAp3I0 q4eOsw3VYqoLHHBFLzFfe/UBu9dF2NadlP7nKmlujzzZlDzgwyL8RhKuDSkndGY= =tRDp -----END PGP SIGNATURE-----