This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-mibew-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 09:26:48 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 6773c29603a5c5794bdcb6ea7100bc9714d12c93 * md5sum 1620c0b51e65d0bedb203952dc249776 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXlvPAAoJEIXCXpWhbrlNNQoIAKdZBbUG8FUr/OhQcPmPJo2I ubIKcbC/16gmLJ5GVEEIsnaeG259lvoTmc/dudq/kDHu1CN1GkKXUJ4PkazpaX5T UWuLzUeyRLD+n/Yq2V4MGuJ/vp+h6y+qSGilqQM80N7C7u9ku3Qq5pKICnSTKpW6 3jNVq9Eq5Uu0XiXTMqtVYd7n3pIlNdbmPB+/jj5LxtxAwBRdSAQEebFVIYKNfd6C Nb+gpBQ+/6IpgMcwf0rUTVc1/WyVUQp5U+qtmXE+0/hL6AGrXIrBpQ/W6IbOrh0n 9e5+f+RPZu34iXeLoe+X5A2FT1plwc+/qvBObeD0dZhZUbIOdzGt5zr76JLT1FQ= =yswL -----END PGP SIGNATURE-----