This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-elgg-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 16:01:01 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 1f26fdba4b05eaf4bcdc99ac2267729bbad4eedf * md5sum 974a78ac956c568bada5fdfcc423e706 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWa0AAoJEIXCXpWhbrlNiYkH/1Tnf2wx3ZsjJijTkNdFRTbS k+ZTt1i1piZXOP1m9HTVimAgm9wd3ipQjkUY9VVXl7jGTJf00M9AjJitL7XvzNna AChC7fXm35BukpescVIo3XIu4oUmLr0ATV4sDGRY6crsekO1n60H5ypT2knX7kvU 1A+ANfsbr7I0rO2UPASIVQjDdbyMooEMgh+cqdz5tsU13N+MC53ZDtdG+mu/bMPC zAPYCUFKdQbH6V5jEL25yCW05R0kGW+9LkX5vo1WshAA5FPOyg3IR3uNCn+pIv+E PbvV5PyVdptIRC46hy8loM4Yg1cZzh69Yo38++G+bC4Pdp+aZ3Op/I7jqFihJNk= =SODj -----END PGP SIGNATURE-----