This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lamp-12.1-squeeze-amd64-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 13:49:17 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 3fd4ec213b609455e2957caa5b7a66f26ad11dde * md5sum ba0557e8d353a66ab2ea3845e9bb44f1 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrfBWAAoJEIXCXpWhbrlNc0wH/RRyLMreHv+BrnFrTheO9HZr rtnSU9YKMrV0D8BZCmMpulY7A+CH7dCcqXu6erqlrbvTEZNIgz9JHVuVkTn/Zizn twwfDXKrJM7FyYd6FIZuiHRHfysN1oTq5uAeafiVNLQ8EavSuT0bC99LI0zrIpIq JX8k5kzWc6UA67KugfMjX/0pcF83g5Zty2456fPnVCmD8ZEj8LbkBTogAqDEUoZs 3Z3QwxsHQiMXWTxNjtVFdBFpRSZS4tvKz094z09uYQ92bN55Vri+9x8ZHiaaXXEP EPBXiLhHjnn4y/uSlWOXV8tuEEsLtzG60bihMvMPwcW+fGkWTJ63vOVK3f9Ujao= =ZV0w -----END PGP SIGNATURE-----