This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-punbb-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:55:38 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0094329b94ee8e615b31037c041110ed32fc8ffd * md5sum 4b09c39e2c8459d4509fd7ee16da6477 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrn5uAAoJEIXCXpWhbrlNyQYIAJBnBqSMw0u0bmzZdsE0fcnI VnWtN3rDV8eJQOvxy/BEI9Ov0QQnTDEs0jP9nKSVkXbkh3+OnqXggG/NvDzcuUjR apEomJIZadrMB18OeWf8MrHnyIFWbwGyPZJVZ4I6oYhfjbgjmdL8/LJ6XCJSngtW +/R2yr1/G6spN84DtnED4fu4Rmr5VjApQi654s78+Ho7dXbnuzWdlMLux4zLUeDg FvQm4a6zb6oX+QNTDrufnK795EtzzjJrFJGZK4M8VP6uxHwKEFiRl0glQ7cHmBQf sTv0s0vEDNuVXELhvpEKz95/LgVU7kms3lA3Xinwig6//2JKCAjztdG9G1pDKps= =uu7B -----END PGP SIGNATURE-----