The swap partition can hold a lot of unencrypted confidential information and the fact that it persists after shutting down the computer can be a problem.
Encrypting a swap partition however is slightly tricky if one wants to also support suspend-to-disk (also called hibernation). Here's a procedure that worked for me on both Debian Lenny and Ubuntu 7.10 (Gutsy Gibbon):
Install the cryptsetup package:
apt-get install cryptsetup
Setup the encrypted partition as root:
swapoff -a cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/hda2 cryptsetup luksOpen /dev/hda2 cswap mkswap /dev/mapper/cswap
Add this line to /etc/crypttab:
cswap /dev/hda2 none swap,luks,timeout=30
Set the swap partition to be this in /etc/fstab:
/dev/mapper/cswap none swap sw 0 0
Configure uswsusp to use /dev/mapper/cswap and write unencrypted data
dpkg-reconfigure -plow uswsusp
You will of course want to replace
/dev/hda2 with the partition that currently holds your unencrypted swap.
(This is loosely based on a similar procedure for Ubuntu 6.10.)