This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lamp-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 16:26:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e849650d02b9dce6bd1a432138fb6f0737c2770b * md5sum 28e0a7e1db359a5eb4475b99dfaed9e5 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWybAAoJEIXCXpWhbrlNtvYIAMEkiEGqTVLRtUeR9Y0nbdIs 4X+ElsCUBDcwb4RStenKeg+j+rOTdlbwhXY1BzJd+LPPfL+MBc3Xuei/Rzo3eKtV 4PN4IIA5U6XrE2bI3F0UJ8teJlwzM9RdjQ618I9+9DdyqLWWKohNV8bILYx52GOD ql6tcvHqX5AxUuZd3aamPGD4t4nW0EvdUi1HmjIqeNVv+Q6+gi5/AxylX0IeUJbD zinELjrRJNXkaKMEk8oyWNpJMiBR9VNW6e32XwoWuCWihV055RlQbRIzkKOHRJww 9yfqlzZGMEhyAa2vQx7cdTxY2T0J3LKCBbo4o+7WiVQ/SEBRN7ShwBIXrO6C2Tc= =Ae80 -----END PGP SIGNATURE-----