This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-prestashop-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:31:47 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6f69a8d68c4466c1bf6bfa802a1f7718ec8b4fa1 * md5sum 403009c57c53f07bc23237cab3bb8608 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnjWAAoJEIXCXpWhbrlN+W8IANsHP3fmpi1kDjjqU9AnRZhQ 5XB3MkPkvFLMM2eOg03+d7gF7vq+1Ox8S0VRKCUOh1kPBjgbej8g4IeKab8y9UdQ dF+g0YRO5r7+AMSkSUHPapQAyPo4khJ2mezJbvDaHFe92LZ1Cdadr9cdkRbTu7/b IVIhEJ2gS2egSWU3GPXmaynZ5XrdX1ozRRFWtChOFP86SAFC4YItrnglOEqwuZfB MZhMwcf87byhp0zhxNyXt3WSydjsIk42j6y8JxeB3fbiR5NfNKvVtChYopp3Mmjt zhJBLx1D3LURFbdIHBTMcroIptZ5lz6sMkM0YCHVzAAtvyySGx0BYaJGq/2Wx78= =u78s -----END PGP SIGNATURE-----