This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-symfony-12.0-squeeze-x86-openstack.tar.gz.sig gpg: Signature made Tue Aug 21 16:48:11 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 1d3cb605dc15bd044dc1a727269944a7d71a226a * md5sum b0dc31d565240374d64c2bf242430eb6 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM7u/AAoJEIXCXpWhbrlNlEsIAMOAtu8kSxYyy8DlvekHJu61 Me8b3b3Yt0VZ/LxLBhrXD0v1ec+vui4C67CpXfsca71Hj0cZW7na7/rFsMA82Im3 JOO1ggUPdrMHlkkBXzU8tmoR+twxvs4IJVsMj3IDtsr7Bl22fFvw8cOs9UucjIvo ZuheyIEP+mASEbQO0x23dyPBahmw94tG+QTBhvtwzS9isnOF9/URXtEzGh0ilCcw LsubrrgdJZCxeQ4hdTnhw7sHpkqW+TixrTTPuceE3YUK5riem7r71KF5L4nmOM1p gnbUFfmaQx2HWze6fVr1+9+0j/hKPxePS2EDzq58udyGZ7xHLVewzryEdDPZFQc= =WbM8 -----END PGP SIGNATURE-----