This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-openldap-12.1-squeeze-i386-openstack.tar.gz.sig gpg: Signature made Tue Jun 4 22:42:08 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 84b6a4d234d3f7b919a2425e3c85db307d6d572c * md5sum e2902450eedfbd375e4ab65b38fb4fa9 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrm02AAoJEIXCXpWhbrlNwjEH/iTvQKazXe3B7CiiMAjk6CH5 ZLQidJjaZo9PaijLNcPAGiXt49BQ3SUWOoC+a+L4ArvtD8yOfDQzurG38o4K6kXt wXUcSs21zKC8AQpOIYgBi8XvuQH/o3vPw1kdzYno+X6hnAcKdFXf1ZGGF7ipdCOX HZ7eK8S8YkXtEN2iqtBQTzbcS1usdtURfGnsLk9nt6OUXRypf3gqvBVPyKU5RYjc /FSE+1Z+MryPji/7aSCxHuFAcODsQlojh9vGb4iyf2xhoGTCd7f++81mEsG+wst9 CMV3thNDkUygMdqAe4vgnLxQOpqSePEXw9CcWOcgW5H+jgSF+jZVJz89fDI8dWU= =zd27 -----END PGP SIGNATURE-----