Under Linux, we have two main methods of encrypting files and directories. One is file system level encryption, in which you can selectively encrypt certain files or directories (for example,/home/alice). This is a great way for me, and you don't need to reinstall everything to enable or test encryption. However, file system-level encryption has some drawbacks. For example, many modern applications cache (partial) files in unencrypted portions of your hard disk, such as swap partitions,/tmp, and/var folders, which can lead to privacy leaks.
Another way is the so-called full-volume encryption, which means that the entire disk will be encrypted (possibly in addition to the master boot record). All-in-one encryption works at the physical disk level, and every bit written to the disk is encrypted, and anything read from the disk is decrypted in the run. This prevents any potentially unauthorized access to unencrypted data and ensures that everything in the entire file system is encrypted, including the swap partition or any temporary cache data.
File system level Encryption
EncFS: One of the simplest ways to try encryption. ENCFS works on a fuse-based pseudo-file system, so you just need to create an encrypted folder and mount it to a folder to work.
Ecryptfs: A POSIX-compatible encrypting File System, ECRYPTFS works the same way as ENCFS, so you have to mount it.
Disk-level encryption
Loop-aes: The oldest method of disk encryption. It's really fast and works for legacy systems (e.g., 2.0 kernel branches).
Dmcrypt: The most common disk encryption scheme that supports the modern Linux kernel.
Ciphershed: An open source branch of the TrueCrypt disk encryption program that has been stopped.
If you are very concerned about your privacy, it is best to combine encryption based on ECRYPTFS file system level with full-scale encryption. Remember that only file encryption does not guarantee that your privacy will not be violated.
This article from the "Little Flash" blog, declined to reprint!
Encrypting files and directories under Linux