This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-symfony-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Wed Jun 5 00:38:13 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum a28e929639a07bb4e51968d1a1e1f35f2b08b58f * md5sum d5b4d7febb1d7b412dbd0cdc75db0f90 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrohnAAoJEIXCXpWhbrlN/jgH/A6ZslgeRwlp0GLlQosWqzeP 7/DZ5k71Qa2ww5x+iyGZkUTbeTqvEgtJt8HIybhyrXHmR/w8tru/tgqUZrEgrnSa VveclUSADZWLBXByQGJfRECu9EcImrvQqE46SCSpiszHgp9bp3SJqxmikS0qsjO4 w2zTn0+iChkstqiuZQACGCHl+BOSX4mebvOQpNnClxYz/lxv3X951QrxBeCClYW0 YBME3nEr/9+tM61N9E+hbsUHfJ97fWlR7pfuRqH4u6/PdXt134VyBvTOY2kH1eYa ll1yzpyb3/eTzPlFtbjG1SSaHKHnDjA1swz7M4AmEPPQLhq7Ens0SzROhkWW30g= =lFCf -----END PGP SIGNATURE-----