GnuPG in an automated environment

Can anyone shed more light on these instructions particularly steps 6 and 1 & 2 on target machine? Or is the advanced manual available in English yet - I can’t find it.

On a secure machine:

  1. If you want to do automatic signing, create a signing subkey for your key (use the interactive key editing menu by issueing the command ‘gpg --edit-key keyID’, enter “addkey” and select the DSA key type).
  2. Make sure that you use a passphrase (needed by the current implementation).
  3. gpg --export-secret-subkeys --no-comment foo >
  4. Copy and the public keyring to a test directory.
  5. Change to this directory.
  6. gpg --homedir . --edit foo and use “passwd” to remove the passphrase from the subkeys. You may also want to remove all unused subkeys.
  7. Copy to a floppy and carry it to the target box.

On the target machine:

  1. Install as the secret keyring.
  2. Now you can start your new service. It’s also a good idea to install an intrusion detection system so that you hopefully get a notice of an successful intrusion, so that you in turn can revoke all the subkeys installed on that machine and install new subkeys