This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mediawiki-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 17:00:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 25db09c43e8caadad8cf86a39e90726d600c36cd * md5sum 5f083e81dcb9f560e24e590ceda30582 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXSzAAoJEIXCXpWhbrlNJkAH/2hL+V5FwKxb76pxfzMyn8Jk JcQN0ftIOmYWGAT2tsMhkkmO0voYQnPe3ZWrKPNxgWOB4Yb0MUBWjtb3trFnQUw+ Gg+O4oybNkMKtzBsvOl1W+MsEHd6tpxQDDWQ1G0/9ny7NAsN5p5pola7F6mpoJif cIrZV55jbQ5qaNGEiTNDxZZ0UwEkB4dCs73n3XSL8YRzjId3cGEaIQUOcp8D7N0Z juTFKI+E/lDVy8+JFASIiUo0GMHUybgTsd1esdwoK4gG9kHV49l6qKF+tC33wTkS cPaGEX5D1PyXQ3T2bqAtNhLEUzUW0srXOlLhJHocZVcBIi1rCRAxuR5sgZLW4yc= =yZI2 -----END PGP SIGNATURE-----