This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-moinmoin-13.0-wheezy-i386-openstack.tar.gz.sig gpg: Signature made Tue Oct 15 17:07:05 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 65c81aefb38315710b2fa4b7e026aabd315fb478 * md5sum 044a9d1a79b96bbab2d49f93d6453484 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXXYwAAoJEIXCXpWhbrlNsEsIAKYtDeb/ATsAJ24cqHU5tTYM smAi/LnBgePHUPKDQ/cANcvVRZ4ndSsjmldGTQZ9+0BhOIQipM1I4n9e3EFF4AK5 0OYOWmjmY5jPHZOq1ixQIgOqTLUbRH55Tp2Lq4uW1kWhDyDIkQUjxFyb6GkHHQnP FqETcOnKtqqMPsQOGTv94zbPQQPiTVW45jSlmNMfTW8GZ57/kVKcqNhQPb+kSpkB 8TcEkNLMuporiiwW6+QZ7xjSlOAc3VuBI5rg8OP62a0rb95i+PStPwFeQAfQJIJQ mTBoQSXpAPBo7Ku64yy3JHnMROhA7EwAnSFw9xaHONvYbaPnx2kWjp+s6qQa5Ms= =bOhX -----END PGP SIGNATURE-----