diff --git a/etc/default/grub.d/40_kernel_hardening.cfg b/etc/default/grub.d/40_kernel_hardening.cfg
index c6fc47c..b11f1c2 100644
--- a/etc/default/grub.d/40_kernel_hardening.cfg
+++ b/etc/default/grub.d/40_kernel_hardening.cfg
@@ -45,6 +45,10 @@ if dpkg --compare-versions "${kver}" ge "5.2"; then
 fi
 
 ## Enables kernel lockdown.
-if dpkg --compare-versions "${kver}" ge "5.4"; then
-  GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX lockdown=confidentiality"
-fi
+##
+## Disabled for now as it enforces module signature verification which breaks
+## too many things.
+##
+#if dpkg --compare-versions "${kver}" ge "5.4"; then
+#  GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX lockdown=confidentiality"
+#fi