1. GNU Privacy Guard
GNU Privacy Guard (GnuPG) is actually an open-source implementation of Pretty Good Privacy(PGP). While we can install the command line version on some operating systems, most people choose from the dozens of frontends and grafphical interfaces for it, including the official releases that can encrypt everything from email to ordinary files to entire volumes.
All GnuPG tools support multiple encryption types and ciphers, and generally are capable of encrypting individual files one at a time, disk images and volumes, or external drives and connected media. A few of us nominated specific GnuPG front-ends in various threads. Those of us who nominated GnuPG praised it for being opensource and accessible through dozens of different clients and tools, all of which can offer file encryption as well as other forms of encryption,like robust email encryption for example. The key, however, is finding a frontend or a client that does what we need it to do and works well with our workflow. An all-in-one GnuPG solution that offers keychain management as well as file, email, and disk encryption for Linux.
2. Whole disk encryption
Sometimes, it can just be easier to encrypt everything on your system. That way, there’s little need to worry about what files are stored where. Everything is protected, so long as our PC is off. Windows users may recall that VeraCrypt (or TrueCrypt) can encrypt drive partitions and entire disks. This can be done on Linux as well, but most users will likely prefer to use Linux’s built-in disk encryption tool,dm-crypt. By itself, dm-crypt and its tool cryptsetup are very basic and can be a little cumbersome, since dm-crypt can only use a single key. Most people prefer to use Linux Unified Key Setup (LUKS) to manage keys for an encrypted device, which allows up to eight keys to be used with dm-crypt, such that any one key or passphrase supplied can unlock the drive. When using dm-crypt to encrypt a drive, a passphrase must be entered at boot time to unlock it. The minute we turn on our PC and unlock the disk, files on the system can be read as though it weren’t encrypted at all. If our laptop is stolen and we don’t have a screen lock enabled, someone could simply compromise our system as long as it has power.
3. Gnome Encfs Manager
Gnome Encfs Manager is a GUI tool for the venerable encfs file encryption system. It should be noted that there is a vulnerability with encfs that, should our systems be prone to attack, makes encfs not ideal for sensitive data. However, if our host system (or network) isn’t prone to attack, we should be good to go. Gnome Encfs Manager makes creating “stashes” easy. With just a few clicks, we can create and configure a hidden folder on our Linux directory. Options include mounting on boot, idle timeout locks, stash groups, and password change. Gnome Encfs Manager can work only with encfs, so we won’t be decrypting containers from other system this is Linux only.