encryption - Create encrypted file container without installing additional applications - Ask Ubuntu
To create a file container encrypted with LUKS/dm-crypt, using cryptsetup as the user-space tool (both available in Ubuntu repositories), follow these steps:
- Install cryptsetup:
sudo apt install -y cryptsetup
- Create the actual container, containing random data:
sudo dd if=/dev/urandom of=/path/to/your/file.bin bs=1M count=1024
This will create a 1GB (1024 x 1MB) container at the location you specify in the of parameter; adapt the size to your needs via the count parameter.
- Mount the file container as a loopback device:
sudo losetup -f --show /path/to/your/file.bin
Note the loop device number that is assigned by losetup.
- Create the encrypted container:
sudo cryptsetup luksFormat /dev/loopX
where you replace loopX with the actual device number you noted just before. Choose your password when prompted. You can verify that the container has been correctly formatted by LUKS by doing
sudo cryptsetup luksDump /dev/loopX
- Map the encrypted container (you can replace c1 with whatever name you want):
sudo cryptsetup luksOpen /dev/loopX c1
- Create a filesystem in the mapped container - here I use ext4:
sudo mkfs.ext4 /dev/mapper/c1
- Finally, mount the file system anywhere you want:
sudo mount /dev/mapper/c1 /mnt
After that, to use the container you repeat steps 2, 4 and 6. This can easily be automated in a script.
LUKS encryption has many other useful features, such as keyslots, detached headers, etc., that I will let you discover for yourself.
And remember, the single most important thing when encrypting stuff is CHOOSE A STRONG PASSWORD.
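
The answer notes that reopening the container can be automated in a script. The following is an added example, not part of the original answer: it attaches the loop device, unlocks the existing LUKS container and mounts it (it never runs dd, luksFormat or mkfs), and closes everything in reverse order. The function names, the DRY_RUN switch and the /dev/loopX placeholder are assumptions of this example.

```shell
#!/bin/sh
# Added example: reopen / close an existing LUKS file container. Run as root.
# It never runs dd, luksFormat or mkfs, so existing data is left untouched.
# DRY_RUN=1 prints the commands instead of executing them; the loop device
# is then shown as the placeholder /dev/loopX.

run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

open_container() {   # usage: open_container FILE NAME MOUNTPOINT
    [ $# -eq 3 ] || { echo "usage: open FILE NAME MOUNTPOINT" >&2; return 2; }
    file=$1 name=$2 mnt=$3
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "losetup -f --show $file"; dev=/dev/loopX
    else
        dev=$(losetup -f --show "$file") || return 1
    fi
    # Only unlock something that really carries a LUKS header; on any
    # failure detach the loop device again so nothing is left dangling.
    run cryptsetup isLuks "$dev" && run cryptsetup luksOpen "$dev" "$name" ||
        { run losetup -d "$dev"; return 1; }
    run mount "/dev/mapper/$name" "$mnt" ||
        { run cryptsetup luksClose "$name"; run losetup -d "$dev"; return 1; }
}

close_container() {  # usage: close_container FILE NAME MOUNTPOINT
    [ $# -eq 3 ] || { echo "usage: close FILE NAME MOUNTPOINT" >&2; return 2; }
    file=$1 name=$2 mnt=$3
    # Reverse order of opening. If umount fails (files still in use), stop
    # here and leave the mapping open rather than tearing it down underneath.
    run umount "$mnt" || return 1
    run cryptsetup luksClose "$name" || return 1
    if [ "${DRY_RUN:-0}" = 1 ]; then
        devs=/dev/loopX
    else
        devs=$(losetup -j "$file" | cut -d: -f1)   # loop device(s) backed by FILE
    fi
    for dev in $devs; do run losetup -d "$dev"; done
}

case "${1:-}" in
    open)  shift; open_container "$@" ;;
    close) shift; close_container "$@" ;;
esac
```

Saved under a name of your choice, it is called as root with `open` or `close` followed by the container file, the mapping name and the mount point.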