This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 22:05:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c125e438fbc8f7cc2919721b5dc9b4a1ff17e385 * md5sum a826c1a15c03788bce902af692e644d0 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmSmAAoJEIXCXpWhbrlNuyAH/A0qsAnLT+mALlbYBsfYM0dd BAPag51zY9NqwbvrkWe+FMtfHsrv8iHYZ+Rnjrb2Op9iFHHrGgSgz5y/C1Tj3hAu ojEaNxNWimY1Fj340zgdNtDPQUVW15VPio78pV86e48FCJx6lhfRJbKTmB/qoNPf Cj/h7SUXgz1piBCjWW7p2M8FmnctsBrCSP5S3BVidwGHH//mg+hI3eNmxOkH0uaD CsHNZHtFMPWrlLZzUjixkszXptIXUb4vpGeWt26R1ejS0kwE7h1hlGSCFWPquUg+ g1eGwmtqDEENc3yGs/h8DkZCi/eDWcu5Z7B/LYQoFiECDJAW5Ed17Bha0K29eTI= =deWE -----END PGP SIGNATURE-----