This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-projectpier-12.1-squeeze-amd64-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 15:34:10 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1e82fe255ccd5654aba818ae345139cd4a1bb333 * md5sum 9e384ebc16592756433a09208aef5438 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgjrAAoJEIXCXpWhbrlNxvAH/ik4JYktqTADrDXgo9Q+WdQH R3EmJJJ3n/EZVi8+JBdY1Ix2lbIIgarEY4I5fnFvp5bbw9lsfZWZNutTsI08qaFx Jb1T1Gn1eBSHWy/vngHCg2lmWeuHIwK3kg50eXFXlfOwr9FwXsUZpFIdFmajbvel +eNxFZcEmvP+M1oqd0CeP92TlOxQgFC7esqZNkBCGmaLxnQg7FwpZRFSM7dC2/Ti cv1wKZuRmLFDHKO/YlIUq/X9jjC29pVTiJ7I/1KBi99SSnkqJicbYLmbr188u3YF 2ZCXty1SbfQzDEmSqLaozwivdgUeHobmqp2y49g0HjMcHAnH3VLWqRfXQAgLFP0= =Nrb5 -----END PGP SIGNATURE-----