This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-owncloud-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:01:34 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c7416ee6b8dc62279b28caa6a50f34d21ca4cd38 * md5sum 2329569bb151ef00d6e9729c9b5f6c2d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnHCAAoJEIXCXpWhbrlN3usH/10wT89Dox8/XMrISirqahoC YHkvBo9n2awLyQtsjZio+24In/MwTeqXIXEiO0X40VTmyePPpD8Yb53QfR1D7YCk 8c4cDS0e6qBRljO0TOUBvYMoeIX3tD0ScXqkurLY7m1EHPnEXA2X0iH+5hn4OfYF DtkjlNWT1acr42qRBhYrTVoCtU5rnfl1ZpxY2ThPb236o/NQ95XCLe7Qis4S9g38 JXZLZrXLoHPnL5/cM2xyqrdIRPT/gLZxKRDbw5j2weL5NHkuBrYwEm68wDjwz5Ty FYEeNcLLDtisSA6KG5vdv1lhCcdXDj2DwkuMGRi/wmihEv14aZVlE9Xb6ipRPHM= =Etql -----END PGP SIGNATURE-----