This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 09:59:29 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum ebdf61d66766aed048cf83777a0b8d3a36511112 * md5sum e43d1544bb9e80162d28b8133a8a86bb You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXmN4AAoJEIXCXpWhbrlNWw4H/1B8fZjInxMjHNSqOLwDuv9X SqNk7lROhYJ31SboomcU3K9I6XFE4wlD/PmSArEmA6zrQA77FIW0c27MTQtpuD8o c1Seci5/DaVKFfPld5zjzrbKDE2HSsn2RSbZrZjfb4lAcxvtavM41cho/7JyyO5Y JXElaheVoc7d/Q0bx0UTJoR2/Jb5CTXvn5nbBa4LhgpCfRlIraQVCbk0BujjuWgF UgR3IPzjvuvhtt6AYXADAPozZEQIulhvPiq7Q+5euQhU29yYhYfd+XR/Ex1YbPFE TCsg4fTopFmxqe6aXn7EqV8AsegiJepBLbMVGqbL4UcFnbkP9H6/XpNy7fBQI7Y= =PGtH -----END PGP SIGNATURE-----