I'm tearing my hair out and will be extremely grateful to any of you who seem to find all this so easy.
I'm at the following:
Public Key Verification
Verify ownership of the provided public key
Below is an encrypted challenge message containing a token. The message has been encrypted using the public PGP key you saved in your settings. Use your private PGP key to decrypt the message and submit the token inside to verify your ownership of the associated private PGP key.
So I copy/paste the PGP message into GNU Privacy Assistant Clipboard, hit decrypt, copy/paste the gibberish into "Token", click "verify," and then it refreshes and I start all over again with a message saying "invalid token."
Check the public key in your profile, and make sure again it is right.
If you get the token after decrypting the message, make sure there are no extra spaces before and after.