Searching for a way to encrypt your files or filesystem on Linux can be an overwhelming choice. At a simple search you find different terms and solutions such as: encfs, dm-crypt, truecrypt, loopback crypt, aespipe, LUKS, etc. The answer is obviously historical. There are a lot of solutions some of them deprecated. I remember a few years ago I solved a similar problem using a tool (can’t remember which) which I was unable to find 2 years later thus remaining with a large file and lost data. Here is a method to encrypt a filesystem or file using LUKS.
0. install packages
apt-get install cryptsetup
1. create a file (it will not be resizable)
sudo dd if=/dev/zero of=/tmp/encfs.dsk bs=1M count=1000
2. create a device from file
losetup /dev/loop0 /tmp/encfs.dsk
[yes, I could have encrypted the file using the -e option, eg. cryptoloop as I did in the past but this is not the point of the example]
3. if you are using a filesystem just skip above steps and replace /dev/loop0 with you block device (/dev/sdb1 for example).
4. load modules
modprobe dm-crypt
modprobe sha256
modprobe aes
5. initialize device (256 bit aes with sha256 padding)
cryptsetup --verify-passphrase luksFormat /dev/loop0 -c aes -s 256 -h sha256
6. create the mapped device
cryptsetup luksOpen /dev/loop0 encdisk
this created a /dev/mapper/encdisk device which can be used as a normal disk (format, etc.)
7. create the filesystem
mkfs -t ext3 /dev/mapper/encdisk
8. mount the filesystem
mkdir -p /media/encdisk
mount /dev/mapper/encdisk /media/encdisk
9. the filesystem is ready to use in /media/encdisk
10. unmount and detach
umount /media/encdisk
cryptsetup luksClose encdisk
losetup -d /dev/loop0
11. remount again
losetup /dev/loop0 /tmp/encfs.dsk
cryptsetup luksOpen /dev/loop0 encdisk
mount /dev/mapper/encdisk /media/encdisk
With these 11 steps you can have an encrypted file or usb-stick to put all your precious data inside :)