This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openldap-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 17:26:30 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 454e002946c42ce2f3d2e8c62b8c6cbcd5bf9193 * md5sum 0022ac78c3b9f305680503c400e070fd You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXq/AAoJEIXCXpWhbrlN+B4H/iMnvWLXUBNqzewiWNhTRwma TvMYAPcBKQei9QmM+phvP4fkIJSXp9xPb7px69FF/XU5xQVRy2JEBgdEu+tuPp34 JJHkc6b4V/845HAs3EONm69HJ2KAhLByVauuh+/3siLq90BkXbU7xuFOv/ErODdz 0o5I+xOgUPrUyzje7baiCn690QJFHyyrv94yxQiD9KuCAVqsos0yMW2pDiUfO1O/ VH/ijaRygM458VO8Zw5sUclZaRu/VekEWbUMyip/yWy2+VrWM6N9GCUtyrUB8Q/F 4dZFN1cD5cWVp/JG6ABvKC/cDdgzIHYogNtiHOkJHUg/vZYWkOWBk4P+HUrTMrQ= =w6J0 -----END PGP SIGNATURE-----