This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-trac-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Wed Jun 5 00:52:29 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 07d9e6a656b8e0b824d5985b1739766f8efeb105 * md5sum 9d516af0a03736c21ed8b40da70e9c71 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrovDAAoJEIXCXpWhbrlNl4EIALb3zHyEcxNFU32RIYymDDqV a3dyvG0y5wpFiX/vBaqQTxYfx/jsbzD+6bKsLROpHcCWtq6E8Mk+LDHamsKfWsyU lEoJ+BNs+apYJy40LTl0c48kAY6YzpkTS1Cqs9m7aPckB+pdlrTT6OdEc1OSTIsh l4etiO/CuergIVDS3ehG54nSAe3PqYezv5/qp87CtGClZ+arrj215L5ZSCxI7zeo Kwo/fo5SNB4Rvv3Rt8lJPqNUh8z8Ht5cyJv6HqiCGio/KEdMaJZS6xHb7yRABm1H KsTIpFk7g6PYcaNxnKDYACRCYmtT0fNA6dCi1zAKxiIEe4hJBDHgy6dKWu0JsG0= =PLHB -----END PGP SIGNATURE-----