This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-magento-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 16:44:19 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6965ec25beb6c49392ba9c1c7574f94e0e880618 * md5sum 7a11ba85ded3f42abbfcad3f9d6f7202 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXDZAAoJEIXCXpWhbrlNSsEH/1KoqM1g47iIKhwJ7e7yjBB/ mNivgpRVgJ+aAfYzDGmzMc0XNiJF7TRVGPKRKa9pIYHqWCDg6yOkjHR+YAj/d518 bxwUmErQ9ZMAPHHvU0PB27wQLDOReynF01p5bnfrjI2jC0uORf2X+jGaaooASMPb bhr2NrbH90cK/WrUkRc9mWY3gfeOxWHuPtjEGAS+TXsLCbZ0YzvWSs3K5YGlMvha tQ/+lBO/eiWIzpHHWpAzMk8gobkZhrpbc8rz/jW8P/lX3tEe+mEUuURuF6jjpqSe bGoTA4vN1cogPkS/rMc+190A7C1VOrelLS4GgUTXsLGwaYxYtQyd4Q5ugLR7t8M= =no2Z -----END PGP SIGNATURE-----