This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-tkldev-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 19:36:45 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 132981641192db7581948c91d028810b05d9cea4 * md5sum 95465579b57e198f8c36b6580c5202e2 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXZlFAAoJEIXCXpWhbrlNMrUIANFphl4J9vx97AKKrq3EFp1w gsbhot92rHdnqcCIPicNO6XGeW5vlDR698JjYvR42ekU6w+9/1qZ0EJ09jpcr2a7 lI2E5IuUXXj+lz9L0pmubAT833sFmmY+5gdNH2+fuZk6Qyf8/dpx8tulcUVCRYww c41MQSWNEqhbh6P2J22BH1C2GcjNeC4oZOV+TG1GSo8el6s3d119mwTyS8hpQkDV hBsqgor0gSwqU9XdQEmxC91KKZI5Yqhrvfy7DKxLnHz7reR2pOiDdAWCHru5v+mI U/+fS2pT3GsCZ+6QdfUqI7ttz/EzlyDdAP/RuV16/5njDh8jkxHcSKMVhdbd93E= =+JN7 -----END PGP SIGNATURE-----