I wrote this for my daughter, who uses Zorin 16 core. She installed without encryption but now wants to encrypt some things, so I suggested these options. I hope it's useful to someone.
1. encrypt a file with gpg
-c = encrypt with password (-ca for text-format output)
-d = decrypt
-o = name for output file.
Input file name comes last.
encrypt:
gpg -c -o encrypted-file file-to-encrypt
It will ask you to enter the password twice
decrypt:
gpg -d -o decrypted-file encrypted-file
2. encrypt a pdf file
sudo apt install qpdf
qpdf --encrypt password password 256 -- file.pdf encrypted-file.pdf
Any pdf viewer will ask for the password when you try to open encrypted-file.pdf
3. encrypt a folder with gocryptfs
sudo apt install gocryptfs
mkdir Secret
(this folder will contain the encrypted files)
gocryptfs -init Secret
To open the encrypted folder for access, you have to use an empty folder as a mountpoint:
mkdir secret-OPEN
gocryptfs Secret secret-OPEN
Now you can move files into secret-OPEN, edit them, etc. Encrypted versions immediately appear in Secret. To close, close all apps accessing secret-OPEN, then
fusermount -u secret-OPEN
secret-OPEN folder becomes empty. You can delete it and recreate it next time, or just leave it.
4. luks-encrypted partition
sudo apt install cryptsetup
Say sda3 is a new partition you want to encrypt
sudo cryptsetup luksFormat /dev/sda3
WARNING! this will overwrite data on /dev/sda3 irrevocably...
Enter passphrase (twice)
sudo cryptsetup open /dev/sda3 label1
enter passphrase
sudo mkfs.ext4 /dev/mapper/label1
sudo cryptsetup close label1
Now the partition is ready for use. It can be opened through the file manager: no further need for command line Eject (unmount) to close access.
5. encrypted home
sudo apt install ecryptfs-utils
sudo adduser [new user name]
sudo usermod -aG sudo [new user name]
Then follow
https://www.howtogeek.com/116032/how-to-encrypt-your-home-folder-after-installing-ubuntu/