This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sugarcrm-12.1-squeeze-amd64-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 16:21:34 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 9c44a7ec56c2a48d7ecc0ddc0873ca9b04504d94 * md5sum ce61c26664d14099900810d7991b2392 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrhQFAAoJEIXCXpWhbrlNSGkH/1S3L40Dp82di4wLoBDGFdOm UZ8vrTKRKA/Ib+Oj1PQyYebByQASAe53obpY6m9RtLJLZHzHQsBj8b8hoeQPHiJM PMwRtHu6M1XCZUBLaEx9yQOtg9GyS5O+Nm9/aIw5Qku/OGPoTajFgsXqXdYdH7DB TGUZMjRIiALKM7kYGjfFALuVRZvFFaZMznOd2hk2DayQAciTrdQnNGft+CLdHHG6 xAvF5YpZo161u6BdgmTnBZIwVQzI87XvEC1lPI2Gv7eYkEIscrNAE5EgY0amsWEP x4nQDcXUr46aiPRRyuzSWxr1AyvFT/2v0KlvhbrHYRUkPuvNohEkPB9W08X+ms8= =5zaC -----END PGP SIGNATURE-----