This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-domain-controller-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 15:47:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 798276b2147f183c5407c0ab3a1aba2980801bf4 * md5sum 0c977c892f5ab16111a41e9e38f1f571 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWOlAAoJEIXCXpWhbrlNe+AH/jcdB8xJDoM8o/DPaudc5dq4 hn6BTRHRu+eo7eN2NTWcomMKEzJMdCdSM/pA6KkIXvxYTPLICkRQsHnegwHQpaHg ccEnDbhc3oOAYFlFZ+h1qH2/6QE7uFb/PGsghA6lxcQebbZWVXaPl4zql1rXMnYM 31NVaG05OqJWaulZjrqUTlZHJcpAOp7qlq/vQr1mQiPSA4leKxFvW+SXKYI/Obsn ghZDzsVjD20/QlGqqX1vbZTKXYMlGppal8tGIo97MoG+aa3lD4VJ5GfWOBEPWhXt 6NySDGjgXKHk2DYsiCzHzVl5ct7KZ3pQKAxdP016dg+pjegJcjVLtEnGu8Rwiq0= =IsbV -----END PGP SIGNATURE-----