This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lamp-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 21:50:44 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 0c5052b2535761204eded7c758d9f851ed397312 * md5sum a3f77e89c8e6e9be1b7f6dcae989e549 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrmEoAAoJEIXCXpWhbrlN4fMH/1pl+pKj5FP+vduX8/bXqaza qE9LKltf2lZZfJ6GnG4fEta31D/3EsiDEgd4F/DytF3gdkbmgNjeGhey3zG/yrg7 R9QuFydOJXXJUzTPXG3bd91lLu0t7lj+JXiQggxcCAvQ/zlVkJhKv93mmRg5n+x2 XT7PFLuFkGK/tThgR6GB5MNgdy5pfajmN181S+SgtGmglpmNLNaf2thPh3Yxu0RM DMOLao6p2rsr6Vjz2hgo4b2xoki2idDShOr8ijCRWYu26D6qH1ag/E1brRH0nZhA 6jK+2vhCNo91JKPfkwXy4oRI9L8NZxto2mcRe6CiDsbayLdjPRLH0EQruZxyeHQ= =ShKP -----END PGP SIGNATURE-----