This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-projectpier-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 23:41:00 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 45f3f193957a74791c29aa3c9302d3411eeb528d * md5sum 5050c02ea307494d69ca71b08b798b9d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrnsAAAoJEIXCXpWhbrlNJzUH/0Xqz0bdtCjRt5x1BU/aNDBz /RAF0Wc40ARb20rkSKIC6hwJJtwGWLIYnogrm4dX9E1mmcUZNqcl2Own5SEvuRpu /w2M5k3bkolPD6fjxXvCch9OXAG92vgRTUN08dN/sBVvga2tmrVkPMFBjxehYJ/s xZ3gWo5Bqx6sjQOGm9hfqmzAacwnEXG8/q6+M+5Y5R7+Dci5FY46uJVgDoH9Jca9 guI76x92p7m62ScqsA17UUJbdnG/f3tzMboLUnNpDBttYlxc0ISyM5PU7zpNeXSC BsMkiRzTWghdxy596sDk+JPckdTK8MWB2etO/X+WWI90GIqpjUV7hmLuRsHnh5E= =RScc -----END PGP SIGNATURE-----