Encrypt secondary disk – Linux

To set up cryptographic volumes, you need to back up the data first and restore data after the encryption is setup.

rsync -Pav <source/> <backup_destination/>

Once the backup is completed, install cryptsetup
sudo apt install cryptsetup

Create the encrypted partition
sudo cryptsetup --verbose --verify-passphrase luksFormat <device_name>
Provide passphrase once prompted, you could use fdisk -l to find the correct device.

Open the encrypted device
sudo cryptsetup luksOpen /dev/vdb1 vdb1 # the device name was vdb1 in my case
This will prompt the passphrase to open the device

Create the required file system
mkfs.ext4 /dev/mapper/vdb1

You could remove the ext4 reservation if not required
tune2fs -m 0 /dev/mapper/vdb1

Create mount directory
mkdir /mnt/secondary

Mount the device
mount /dev/mapper/vdb1 /mnt/secondary