This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-ushahidi-13.0-wheezy-amd64-openstack.tar.gz.sig gpg: Signature made Wed Oct 16 10:47:14 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum e2824217c376ce202ad3aa7daee967ee284636f4 * md5sum d63d62b350ca2eb8fe8b8454eaa091d9 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXm6pAAoJEIXCXpWhbrlNq7gH/0CsNQ2MZO7PsDW4EbqHRlgB 2gi6UMk4TWG0eWNtX7z+vV4m+zcsnvtg+PpuOaVIHtRfPztaNwrvLuP4iz0TMlRd rbEFxA7PXcvuRnw8x1FOSCfI8G5meXvu+echfOdWC9Wst5yV0tVqx4liERfvOmRk x8E2c2K7rHt6jgwOdk0o5BdYagkp0TzRKGtLZ3ifR5/kgIiCY5/jAUuYC3KW2YfN LhY+2RRYG5uzaHGqgFXyT76xwJK81IXgTs3QAocfw275pGFPFKiNtLtDpe68sjeH bb8Nk/r5ZUUwJyMj6L3JTHQC0AnN170pM/xo6oi/fpfSFtECYYAMrfvAYVM1Re8= =UG8b -----END PGP SIGNATURE-----