To begin with manually encrypting directories, perform the following steps:

1. Install cryptsetup as shown here, which is a utility used for setting up encrypted filesystems:

apt-get install cryptsetup

The preceding command generates the following output:

2. Encrypt your /dev/sdb1 partition, which is a removable device. To encrypt the partition, type the following command:

cryptsetup -y -v luksFormat /dev/sdb1

The preceding command generates the following output:

This command initializes the partition and also sets a passphrase. Make sure you note the passphrase for further use.

3. Now open the newly created encrypted device by creating a mapping:
   
4. Check to confirm that the device is present:

ls -l /dev/mapper/backup2

The preceding command generates the following output:

5. Check the status of the mapping using the following command:
   
6. Dump LUKS headers using the following command:
   
7. Next, write zeros to /dev/mapper/backup2 encrypted device:
   

As the dd command may take hours to complete, we use the pv command to monitor the progress.

8. Now create a filesystem:

mkfs.ext4 /dev/mapper/backup2

The preceding command generates the following output:

9. Then mount the new filesystem and confirm the filesystem is visible:
   

Congratulations! You have successfully created an encrypted partition. Now, you can keep all your data safe, even when the computer is off.