This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 10:25:28 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 8ce176054211cb245d7062601664e39357c4e967 * md5sum b2b02972280bfc000a1e47801ac6c96c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmmQAAoJEIXCXpWhbrlNtiQH/iJr6tBZDKAZxIRwH9rjDxXS AO/eD39FmP7DlAqgHyu4qGsytNP34k/DttddWyWeb2DWteWhoFoVMscOd+USD5AH 0b8TNklitAuEgBmW+rkkZJSgImoFqUSDCAfzLejjG1JvmHXVrfWlE1eCLn35zjCm ubi/w3pE8rnI5u3Q1kZsDZZwjFICTSH0rJ7RVXYy5qUJlopwwkc/2A/ZBXqiFbLo QzO3KwXUoMnbomUXQJdZyMyKsddBA33wwPnLa1GG6tCxoDSRJg7kfIQFepX/C0Iq 5/C10/sRXC8MrVFnonvWv92UBKjUr2TTgeVV0HE7fIXLIWjVhqrHf+x3q51OUXU= =KCto -----END PGP SIGNATURE-----