This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-pligg-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 18:12:37 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum dccc01a794409c06ee9fb81033420942d7597a1c * md5sum 310b9981e585472e9d1e823ff52f6b7c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXYWMAAoJEIXCXpWhbrlNQOcH/i4KVHt9087PfT9moyiEWcrh QlFmBrzdK1aGT0RGLQUbVp9SNxK3XOmSI89ZJbsEB0RFmw4Gi8G8gcrDkg2qgxxU Eau+ivWXPnrUF9mhCzn0jkjgGU63YgVQ4g7gJ6VjX9kPT0Ut2d+c2iSbFtfjjAoC kTFbdhpDVqivoLy67Zm4HRlK6h1npY+qXrqY/GJ6LO/pK3280CugmrntbvMzTBau vFAIor0aSanCkPCxg1yeij5Lh4J52hhXlBwqbSujfLhLvTCGp9DDxOvtCiunQK5b 6u5ALW+7x29MS/6hIN/Hpj+DoWlxyMsfmtadIZHeI2jTduDUL/nw4c6AMjXuI6w= =TFos -----END PGP SIGNATURE-----