When upgrading a VyOS installation by using "add system image" there is a part that migrates current configuration and SSH keys like so:
Installing "1.4-rolling-202308060317" image. Copying new release files... Would you like to save the current configuration directory and config file? (Yes/No) [Yes]: Copying current configuration... Would you like to save the SSH host keys from your current configuration? (Yes/No) [Yes]: Copying SSH keys... Running post-install script... Setting up grub configuration... Done.
However already learned and verified fingerprints of SSH hosts are not migrated which means that after an upgrade using "add system image" and reboot you must verifiy and approve SSH fingerprints again:
The authenticity of host '<REMOVED> (<REMOVED>)' can't be established. <REMOVED> key fingerprint is <REMOVED>. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '<REMOVED>' (<REMOVED>) to the list of known hosts. <REMOVED>@<REMOVED>'s password: