So I figured to protect my data, should anyone steal any of my computers, I'd set up my file systems to be encrypted. Of course, this is not a perfect solution, but hopefully it's good enough.

I found some good guides over at: some blog and stack overflow.

The process in short:

Format the disk.

sudo cryptsetup luksFormat -c aes -h sha256 /dev/<harddrive>

Open the encryption and create your file system.

sudo cryptsetup luksOpen /dev/<harddrive> encrypted_disk
sudo mkfs.ext4 /dev/mapper/encrypted_disk

Mount it manually,

sudo mkdir /storage
sudo mount -t ext4 /dev/mapper/encrypted_disk /storage

Umount and close the encryption.

sudo umount /storage
sudo cryptsetup luksClose encrypted_disk

The Stack Overflow discussion describes the process of writing random data to a usb drive, extract a portion to use as a keyfile, and then script the system to ensure the keyfile is properly loaded at boot time.

I'm not sure if it was my own fault, of if there is a flaw with the system, but it uses a file, passphrase-from-usb-tried in order to check whether it has tried the usb key already. If this file is not manually removed before the next boot, you will have a very hard to decrypt your system.

Oh and by the way, this doesn't seem to work on the radxa, my hypothesis is that its kernel lacks the encryption support, because it probably doesn't have hardware support.