This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-processmaker-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:32:21 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 785e5a7a4c417fb2f13f82b338759e49519a3002 * md5sum 4081bcce3606b2a8e97956cbdab532ac You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnj4AAoJEIXCXpWhbrlN6cUH/2nuCu9hZwmDUMbcG4ESF0Mh 7yOA2S1H9u9yMmUnZKxCZG5FxJQS8yhlHIxtpiRn7HZfwj7ktGalEIVpGiYyZiPF KOjn51DcRGNlOhITUbl8uC465Gi5WXTpmWbPgrd4UnMan3oRJuc6pqmkiLh/94mp BvyrrKeqfZUu8hNauzattR39l+sYhysw/mBqW6geetCsbKjFrwFL+3NKYkPN0HVh KHAwaMpZtherBbVy4KTSM7lQeCdBF+FCk4mSe+LKwv0b9fUYwlpv4uGMuJmJi1Sz oyjHZ3Iica45pkSdwQHnQg3cz2XcUrf9v4hzK/xSqzVxdrlRi6PFiAGV45hp4ww= =lUwd -----END PGP SIGNATURE-----