alt Hacker NewsIt is quite hard to do this safely on typical Linux systems, since there is a substantial amount of writable system data (e.g. syslog, /etc, /var). If unencrypted they will leak data, and if encrypted there is little difference from just encrypting the root.
You encrypt the entire partition with LUKS. Not individual folders and files.