This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-magento-12.1-squeeze-amd64-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 14:23:25 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5f0c9c8cac13efdf7189f72a33266a1e68c5403f * md5sum 1e23970eca39284bc2f129df25ff7885 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfhUAAoJEIXCXpWhbrlNGLAIAL/LDlp0cS5BLjx/RiuKCcEL Fqi7GQfSPi7cclJlACYJSpLZWQ8sZlFkjygQE/NyerM13N9FuLc+lD2OFTr/J0aq J3ZyK5D5Bgh5f9BLWG4rSSbPE57mA7rKf8UkHzxxjZqAlfJrLhzg+iym3vuBgAbI zv75lnfw4PLISD3H5+UYbmU+R5mNmlnjR3xJQggiV3l+ylgkDLibpigVzIxdwRsT NtO1DRvuIOQFrxFOazBNydJ4LSze5WuBcF+hNfWdZ390AyXjYRnsFMRlCpFi0Lzq 4K+64uMyCSFvDx53piGpGh740Bb009L6IzPlnTYsEahedJveEMwqnBz4znljIcc= =u9nm -----END PGP SIGNATURE-----