This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sencha-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Wed Jun 5 00:34:12 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 2f95df85443a6f507ab8b5af5501e92d421959af * md5sum 818d04cdd84e00e687bf34fc6cfa265c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrodqAAoJEIXCXpWhbrlN+NcH/ArrG8fNkgDaSwDIrlBGKMnq 76G83DgEeuVen1oHYhztXJo/a7VClVQuZ/6/8Rn4y6JUwNzmrEttWMxC6QagCTB7 FVbuSUWymadwhRd4wmB6Wsj/6BAlHXQWuISfUobJ4ryGy5AL666Lp+3O3AWM0WGq 0ixtrGVvodsbG6pxoYcmt1IPKVY1bLU4xEgN3+8PXls4LAUKHY0ciMLBMVzO1U5Y VYsWqXwF4wueMs0uKlM/z33/y++/jzI6J7PKnPQ7HB8Fpq8BJnuEciDGpJV+EMA/ mH+ywIJfNaMHg7w3+uDoftYfpqJ79Za9m1SfADuyakxTKzoZDpuX0LP4znrplsc= =DgJb -----END PGP SIGNATURE-----