This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:34:13 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 27907867d9ed78d5ad0c93af19c37db53de52c41 * md5sum 4eccfe667460d9535043ad29bb77b582 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnloAAoJEIXCXpWhbrlNcn8IAIhPYaic8+bHIqMG6mYHqXfH nap2X7ZapUk5BND02gvu5LMHwsp2+Y/mNMG4+zm6F6YqHa2cBNIp6kAfWNxF1158 RpCb3JDUXUNWDZnxON+pxC02SNNU8Vb4KmPiaay3gfjD0y+zwhgJrq534y38z6WG jvqNB5OEQTmuj6OIXz933qUjuD34IMXeqCsn1iEO4GOYsK0GT0nhAWh2+9t4XkM3 UhLpHD50olCNYak6OW5gfy3nV6zsqRGxtutaNeUmLsyHjLcx7uQOIpqtLsbEo+44 T3/tSGk0Bquv06NjaBln21OJDOVZbPUdFWsbDZxjcfMEsqwsJCk4spgK0Zg1MRU= =d1wG -----END PGP SIGNATURE-----