GPG with the CCID Driver

Unless you’re using Debian, where people care about this, chances are that setting up GPG smartcards with your Linux distribution is an adventure. There are two ways to do it: PCSC-Lite and CCID. PCSC-Lite runs a background service, pcscd, as root (at least on Arch). GnuPG’s built-in CCID driver accesses the reader directly through the USB device, but took me a lot longer to figure out how to use.

Problem

You’re getting a “card error” when trying to access the card. The same thing works as root.

$ gpg --card-status
gpg: selecting openpgp failed: Card error
gpg: OpenPGP card not available: Card error
$

When trying the same as root, you can access the card.

Solution

Add a udev rule that changes file permissions for you, as documented on https://wiki.archlinux.org/index.php/GnuPG#Smartcard_not_detected

Add your user to a new user group that can read smartcards, and give that group read-write access to the device when it’s plugged in, by creating a file in /etc/udev/rules.d with the rule:

ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="08e6", ENV{ID_MODEL_ID}=="3438", MODE="660", GROUP="scard"

(Figure out the values for the vendor and model ID using lsusb; they are printed separated by a colon.)
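
The rule can be generated from the reader's lsusb line instead of copying the IDs by hand. This is an added example, not part of the original post; the function names, the sample line and the file name in the closing comment are assumptions.

```shell
#!/bin/sh
# Added example: turn one line of `lsusb` output into the udev rule above.
# Function names, the sample line and the file name in the closing comment
# are assumptions made for this example.

# True if $1 is exactly four hex digits.
is_hex4() {
    case $1 in
        [0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]) return 0 ;;
        *) return 1 ;;
    esac
}

# ccid_udev_rule LSUSB_LINE [GROUP]
# Prints the rule for the device on LSUSB_LINE; fails on malformed input.
ccid_udev_rule() {
    line=$1
    group=${2:-scard}
    # lsusb prints "Bus BBB Device DDD: ID vvvv:pppp description".
    case $line in
        *": ID "*) rest=${line#*: ID } ;;
        *) return 1 ;;
    esac
    id=${rest%% *}          # drop the description
    vendor=${id%%:*}
    model=${id#*:}
    is_hex4 "$vendor" && is_hex4 "$model" || return 1
    # Refuse group names that could break out of the quoted GROUP value.
    case $group in
        *[!a-z0-9_-]*) return 1 ;;
    esac
    # udev compares strings case-sensitively and reports lower-case IDs.
    vendor=$(printf '%s' "$vendor" | tr 'A-F' 'a-f')
    model=$(printf '%s' "$model" | tr 'A-F' 'a-f')
    printf 'ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="%s", ENV{ID_MODEL_ID}=="%s", MODE="660", GROUP="%s"\n' \
        "$vendor" "$model" "$group"
}

# Constructed sample line; on a real system pick the reader's line from lsusb.
ccid_udev_rule "Bus 001 Device 004: ID 08e6:3438 Example Smartcard Reader"

# As root (the file name and user name are hypothetical choices):
#   groupadd scard && usermod -aG scard alice
#   ccid_udev_rule "$(lsusb -d 08e6:3438)" > /etc/udev/rules.d/70-gnupg-ccid.rules
#   udevadm control --reload-rules    # then replug the reader and log in again
```

Because the rule matches ACTION=="add", it only takes effect the next time the reader is plugged in, and the new group membership only after a fresh login.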
