This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-nodejs-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 22:34:11 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0851785153e349566660b14d886c7dc7853b8cc7 * md5sum 5e9231cca14e67bc7c02d60164ae44bf You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmtYAAoJEIXCXpWhbrlNvycH/A2Itw+5oT6zrhU4XkP1S9Td 6SiuSiCR9R8ghHoTz6Zhu+1zuP2Bbhi0SsgjnrfHmOSmgtjebrh4zC52gO1nkPVE okiPleX8YNiobXpyq313lWbmIqjb0Ivk0DZrpSTiy5QYEP8iU34S+OjWZCw2eKos JcLPZATkYpCeqWUnS5fzU/sDsICFozbQ1s2fh+DgyzSInFJraiGLAS86WDrbeD/W bEjik3Oa9yhZGmcoU7QrGapirzHoNzqJ+G0ud4p7EsLpTEn/WVQzpxKMvyo6H0Ji f4cmP12u/hTSDJEhLNp6FR1phuEYHOnFt1xgD/AwinLyj3CTQAVQ660pg2jTTq4= =D3oV -----END PGP SIGNATURE-----