This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-b2evolution-12.0-squeeze-x86-openstack.tar.gz.sig gpg: Signature made Tue Aug 21 15:11:14 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum e5739031b0da0d6901be914e33e06d8befceda2c * md5sum 3a85fdfa60b44304253f2beb0bfc4d22 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM6UGAAoJEIXCXpWhbrlNBoQIANWAWBYuXt0YJr34/rLLRRM+ EQBMCUgQnvDr+TwKgdZcEZYEUk6PjH+5nHDgqkvw0SvYDt32jn1UefV0Ev9/KWie v7mPaFYvtRBnxcodv/e8FQYOJT5G3e3W3zljYkAHT2j44di9cVFFedc1Y5v/VWNs q5i9VYi8juiuGbcQkbnze8ziuNlot+vpmcNx74VwTwqiLxLqOIC2aVffDCs1SE/m PKa7ih5+qw+Z1y4u/uQKa2cJlgwG2BHeZCdzVj5em2bYfOtuw+Y0jEw8+I+GgtXU aQejUKEYDjhdpDT90Aaz5c6EPukzwwXaK8E2Q2mroiUDC24TqcfpbLWGNNPi9UY= =Fbum -----END PGP SIGNATURE-----