This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openphoto-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 17:43:23 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 873e340fddd8f9f41b0dd18037b37ef41915d6d1 * md5sum 241c6ec0bc83e0d4b923ff753965f292 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXX6wAAoJEIXCXpWhbrlNfjgH/0X0/GQysKn7L6x99nxin2eS ufDAj+8Cy/oIkKou6D4EkzvHR5MIBqAAmuizk+fsnJNG1b3sJoOmD4pKrcA9aqO4 MN3IGbgarGj+RgEJSRpWIO4+frGg9X9lwWhRRgFWp1ykBLjv+/PLRc8jIMeGKMcb CeLEOHUzYG2xC3pOroRf5ZG1KF9CKZdiJv/mZxPaufuLQM0DyAGsoC2n09dFNDWc rgNz10XSjXr3PmHSCFIBEU4jQVIIozYW7nd7mICUkTcZDkrTtiQ8uQZ29DV9VLzr TzHvbX+dTI5fw1qiLxQkmnYuC/qqYF2CCO6OkSPRbXDKienGFJTqyFJu5870EJQ= =oKLZ -----END PGP SIGNATURE-----