This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-sahana-eden-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 10:23:39 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 7c7419a3d0a54a7b0f15cd13fa9f4f1331425c6b * md5sum 13c8d4e4688140e52f5072f2aecb5409 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmkdAAoJEIXCXpWhbrlNoCQH/ju2hUDRDN4xOwksnJ49kaWP KqJKw4/7UnFa6ENt0BRUa1ZD+njy8SIBT1rgnAbkPJC2Fe1XAHFPt0iiSpLw09i6 5S9u9CXiPjhMWr1ioUSuo9OM497FhTtVO4WRlxUE4KJJLLccgzVYSwxC3Ir6SjoH gWJQ41hCfo0gYE6ibKV/HJO+cXWKsuIlK4TrxgDrVrioa6k0N9YzIiaFcmLFvXED 0IO6jZx6ZKT5bNmbJQn6d0X/A48cPIlbICAYNIAAfd+WODGnLwxHitcS5h7dW4m6 qnQm4ApbKrT3QHul8EmcdjgmZqZnPRHVnKyeJi86G5Ozncji4YVJ9sqVktIyEds= =1DhI -----END PGP SIGNATURE-----