This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lighttpd-php-fastcgi-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 09:02:41 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 56783af19d622a201b4206910748751e892c8a20 * md5sum 8c7511f27ca85e80173d2263c20a867b You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXlYqAAoJEIXCXpWhbrlNipQH/RdfYeM6pJvssgx6XXaZqwY2 mDysDPsiEd8gSq73gG0r2NRpaEGHJlBRM5zcTyRpfuPfoFD6AHrmGPRsUF2AQX96 oLPO6Is77MuYyEtRGYRBsQewFrqjmDHA6SfmH0fD0Vs66g7ousAvqke46lvbt/c2 aDdTdWS1TL0PQRyBtmbd5r0/1BpmB1XQqThhBJH6qxsMvHQUpv3VOiyFh5bO+ph9 4GPpXKM2DlJqrXNamlXS+tkHUXDueG+lkCUU6HS+FdYdHPnMiKrES7btLe2OANDN GR42hjcxo0RHxSCYdYL2yyl5fRDhvwtH0aKtQ5hU3A7HIB9Sn1Z5iB98Y11EnbU= =yAHy -----END PGP SIGNATURE-----