LVM on LUKS is the only secure option for encrypting a Linux/Ubuntu USB system. If someone gets access to an unencrypted USB that's not LVM on LUKS they know what it is and what's on it.
However LVM on LUKS is not easy to implement, so would anyone be kind enough to explain in the easiest steps possible how to?
Thank you.
Unfortunately you are mistaken on several key points.
LVM on LUKS is the only secure option for encrypting a Linux/Ubuntu USB system.
There are other options, such as VeraCrypt, or using dm-crypt directly without LUKS, though LUKS is probably the most common solution. LVM isn't really relevant here, you could just have partitions sitting directly on top of the encrypted device, though using LVM is certainly more common.
If someone gets access to an unencrypted USB that's not LVM on LUKS they know what it is and what's on it.
Even if you use LUKS they'll still be able to tell what it is unless you do something crazy like using a separate device to store the LUKS header (and grub for that matter). I believe VeraCrypt tries to make its header indistinguishable from random data, but you still have to deal with grub somehow in that case.
However LVM on LUKS is not easy to implement
Many Linux distro installers offer an easy way to use LUKS, it's generally not much more than a checkbox and an extra password you have to input.
