Assuming a master+subkey setup, where the goal is to make the subkeys available on a network connected machine (laptop), additional security can be gained by changing the passphrase of the subkeys. This will give additional security to the master key - if the passphrase was keylogged on the laptop, and somehow the attacker managed to get to the offline-securily stored master key, they will still not be able to access it.
In the secure environment:
# create master+subkeys as usual.
$ mkdir /tmp/laptop
$ chmod 700 !$
$ gpg --export-secret-subkeys <keyid> >/tmp/subkeys.gpg
$ gpg --homedir /tmp/laptop --import </tmp/subkeys.gpg
$ gpg --no-greet --homedir /tmp/laptop --edit-key <keyid>
Secret key is available.
...
gpg> password
Secret parts of primary key are not available.
You need a passphrase to unlock the secret key for
...
Enter passphrase:
Enter the new passphrase for this secret key.
Enter passphrase:
Repeat passphrase:
gpg> save
$
/tmp/laptop/
is now ready to be transfered across.
Note that these steps have to be repeated for every modification/addition of subkeys.