2

I need some information regarding any possibility to do full disk encryption for an already installed Linux system (e.g. CentOS or Ubuntu).

Is there any default mechanism for FDE present in Linux like FileVault in macOS?

I have done some research on this and come across dm-crypt which is the standard device-mapper encryption functionality provided by the Linux kernel.

My need is to have a shell/bash script to be invoked on the Linux machine for doing full disk encryption.

Giacomo1968
  • 58,727

2 Answers

1

Install cryptsetup-reencrypt (not installed by default). I highly advise using it from a chroot environment, though.

ValdikSS
  • 371
  • 2
  • 6
linuxdev2013
  • 1,395
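
A preflight check for the in-place route mentioned in the answer above, as an added example that is not part of the original answer: it refuses a device that is mounted (the reason to work from a live system or chroot) or that already carries a LUKS header, and otherwise prints the `cryptsetup-reencrypt` command instead of running it. The function names and the `MOUNTS` override are assumptions of this example, and the filesystem must already have been shrunk by 4096 sectors.

```shell
#!/bin/sh
# Preflight for in-place encryption with cryptsetup-reencrypt (added example).
# MOUNTS is overridable so the checks can be exercised against a sample file.
MOUNTS="${MOUNTS:-/proc/mounts}"

# True if the device is a mount source (field 1 of /proc/mounts).
# Assumption: the device is listed under the same path that is passed in.
is_mounted() {
    awk -v dev="$1" '$1 == dev { found = 1 } END { exit !found }' "$MOUNTS"
}

# True if the device already starts with the LUKS magic "LUKS" 0xBA 0xBE.
is_luks() {
    magic=$(head -c 6 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "4c554b53babe" ]
}

# Print the command to run, or say why the device is not ready.
preflight() {
    dev="$1"
    if [ ! -e "$dev" ]; then echo "no such device: $dev" >&2; return 2; fi
    if is_mounted "$dev"; then
        echo "$dev is mounted; use a live system or chroot" >&2; return 3
    fi
    if is_luks "$dev"; then echo "$dev is already LUKS" >&2; return 4; fi
    # The last 4096 sectors must be unused: shrink the filesystem beforehand.
    echo "cryptsetup-reencrypt --new --reduce-device-size 4096S $dev"
}

# Stand-alone use: sh preflight.sh /dev/sdXN (nothing is modified).
if [ -n "${1:-}" ]; then preflight "$1"; fi
```

Back up the data before running the printed command; an interrupted re-encryption can leave the partition unreadable.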
-1

In short, FDE would be an issue you would want to address during the install. If your partitioning schema uses LVS you could set up an encrypted volume using LUKS and copy system files to it, and reassign mount points in your /etc/fstab file, but this is ill-advised, and very likely error-prone.

Now that your install is already 'mature' (in the sense that it's already installed and broken in), you might be better off concentrating on encrypting your home folder instead. For such operations you might look into cryptsetup or encryptfs. With full-disk encryption, a running machine is already in the auth'ed environment, whereas home folder encryption at least has the benefit of keeping the volume in question encrypted as long as the user isn't logged in.

But in summary, your best option to look into if still wanting full disk encryption (or at least partition encryption at this point in your install's maturity) would be LUKS.

SYANiDE
  • 99