diff --git a/openpgp/gitprotect.sh b/openpgp/gitprotect.sh
index 04ac4bf0a73bd954a4ff40994193da6ded183890..e727cb1f24a989b3d2db030ed92ef8f763ce67b8 100755
--- a/openpgp/gitprotect.sh
+++ b/openpgp/gitprotect.sh
@@ -201,6 +201,37 @@ if [[ $command == "init" ]]; then
 
     # Initialise the GnuPG files in local directory.
     gpg2 --batch --homedir "$gnupgHome" --list-keys 2>/dev/null
+
+    # Set-up a .gitignore file that will exclude some temporary files from being
+    # tracked, as well as decrypted files.
+    cat <<EOF >> .gitignore
+# BEGIN gitprotect.sh
+.gnupg/pubring.gpg~
+.gnupg/random_seed
+.gnupg/secring.gpg
+decrypted/
+# END gitprotect.sh
+EOF
+    # Add the empty keyring and gitignore file to the index so they can be
+    # committed by the user.
+    git add .gnupg/
+    git add .gitignore
+    cat <<EOF
+$program has set-up the repository directory for encryption. Before proceeding,
+please commit the changes. The commit includes empty public and trust keryings for
+GnuPG, and gitignore file that prevents inclusion of decrypted files and
+temporary GnuPG files.
+
+Before proceeding with the commit, verify the changes with:
+
+git status --staged .
+
+After you have verfied the changes, commit the changes with (you may specify
+alternative message):
+
+git commit .gnupg .gitignore -m "Configured directory for use with gitprotect.sh"
+
+EOF
 elif [[ $command == "addkey" ]]; then
     gitprotectConfigured || exit "$ERR_NOCONFIG"