This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mongodb-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 22:27:25 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 94ae060d854e3dceb3d7831507793aff83b28ec8 * md5sum 72b7e7b1f73f5828d0bf0e797ca134b1 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmnCAAoJEIXCXpWhbrlNq3cIAILVekapa4MAysuobQCYzrnB zyUXx/ur4QM2JwKKdGvDNq684i/mQ7Ufg4xPkMxXlci9ppvnoVS8Bkjo/jvaVcwC UvN1/TkMrN0L/GsDnxCRZHZDDsglwbXtsEG6heG/o0eibJTXmR35e4vVO3gsWsML Tpqu7ILPCVlq6rq6NwWoYGFCVeiT4WYnpi+/0gx8Cm/+OQXxdktkSpjHZ0rLurKg fDh7vrRl0INkw9mnFtSruyrwsNdWv1GbMrjKU1WQ5sh0cgWHc4JK7/KMHVTB4PY1 sbdDXlMw69pk3YqCvq7Dg5S3iIEQ8TTL/MdhiSpMcukkAKoijcxOfin/AoxHGsU= =ByLp -----END PGP SIGNATURE-----