This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-owncloud-12.0-squeeze-x86-openstack.tar.gz.sig gpg: Signature made Tue Aug 21 16:06:14 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum d3e3c1ad807d38aab559780f7e2ded9f420afe64 * md5sum da63894b16a790e3b7e3b792eadd4742 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM7HrAAoJEIXCXpWhbrlN1OYIAONUm3n4+4PvXrUsTGyqY1Ji NgRq4t2m8HJSttTY3BFJNncp3MBgZcdOOmTtQ/Fm5BGe1E+RLdlWyQoR15+iPsIH IAMydCZKUEd3gpqm7PJcjHpED04/PgJ63B5YA5FPn7zcAci6iEGXyryta1LDMAds 3SljDGXPJWGewMcbKFqX7K+/1yuxR1zi9HkxE1STlipwtW+OkMlkOGzMgelH1+sj YwAx2O8CI7tBv+Ui4j5KksS5PLUnF7/01VhVbdVxLbllVc0WjTTBZ0ghiDwuNSV0 wqFVPJrk+s+S540S1BKQeY0PZlTZ5yCVZNA5U5eBFbdLiSATN7jkdsHykXdtP28= =1sfD -----END PGP SIGNATURE-----