2

I've searched far and wide for this through several similar questions, but none of them have worked so far.

Here is my problem: I have two computers, A running Windows 10 and B running Linux. I have notepad running on Windows. If I go to cmd and type "taskkill /im "notepad.exe"", everything works perfectly, even if I haven't opened cmd as Administrator. However, if I ssh from Linux to Windows and perform the same command, I get the error:

ERROR: The process "notepad.exe" with PID 18756 could not be terminated.
Reason: This process can only be terminated forcefully (with /F option).

Note that I'm ssh'ing into the only user the machine has.

For some reasons, I need to be able to terminate a certain app gracefully, as that way it automatically saves any changes I've already made. If I forcefully terminate via "taskkill /f /im "notepad.exe"", I lose whatever progress I may have forgotten to save.

I've gone to Computer Management on Windows and tried adding the "sshd" user as a member of Administrator, but that didn't work (I don't even know why it would work, since I'm sshing into my own user).

I've tried opening an Admin session of cmd through ssh, but no luck as well. It seems the problem is not about privilege. I've also tried "wmic process where name="processname.exe" call terminate", but that also closes everything way too forcefully. It seems that it needs to be "taskkill /im".

Does anyone have any idea how I can do this?

Update: Desperate and disregarding any common sense about security, I coded myself a simple console application which would use keyboard hooks to send a "CTRL + S" keyboard message to the application I often need to save and/or close. Lo and behold, Windows is safer than I had given it credit for. I can run the console app from my local PC just fine, but attempting to run it via ssh fails, as the app cannot find the window using FindWindow(), surely as a security measure. To be quite honest, I am just feeling a little bit silly now. Still no positive updates.

Update 2: Another peculiarity: opening GUI software through ssh does not open it on the machine. It shows in the task manager, but it doesn't really open. Additionally, even if opened through ssh, it still cannot be gracefully terminated via ssh with "taskkill /im ". As Eduardo Bissi had commented, this is most likely due to Windows managing different sessions for different users, specifically the SSH user and the local user. I found a few threads: 1, 2, and it seems the solution is to either call ShellExecute on every received UDP package, which sounds insanely unsafe, or to use a different third-party SSH server. I've half given up on this.

Update 3: I've created a Flask server that runs on my machine, and when someone sends a GET request to mymachine:5000/Save, it automatically runs the console application I made earlier, which uses a keyboard hook to send a "Ctrl + S" keyboard message to the application, managing to save all my progress. Then I can force quit without worries. Since the server was started by the local user, and not via SSH, it has no problem running it. This is the dumbest thing ever.
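A hardened variant of the trigger server described in Update 3, as an added example that is not part of the original post: it uses Python's standard-library http.server in place of Flask, listens on 127.0.0.1 only, and runs the save tool only for a POST to /Save that carries a secret token. The SAVE_COMMAND path, the X-Save-Token header name and the function names are assumptions made for this example.

```python
import hmac
import secrets
import subprocess
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Assumption: placeholder path for the console application that sends Ctrl+S.
SAVE_COMMAND = [r"C:\Tools\send-ctrl-s.exe"]


def decide(method, path, supplied_token, expected_token):
    """Return the HTTP status for a request; only 200 may trigger the save."""
    if path != "/Save":
        return 404
    if method != "POST":
        return 405  # a plain GET can be issued by any web page open in a browser
    # Constant-time comparison so the check does not leak how much of the token matched.
    if not hmac.compare_digest((supplied_token or "").encode(), expected_token.encode()):
        return 403
    return 200


def make_server(token, action, port=5000):
    """Loopback-only server: reachable from processes on this machine, not from the LAN."""

    class Handler(BaseHTTPRequestHandler):
        def _handle(self):
            status = decide(self.command, self.path, self.headers.get("X-Save-Token"), token)
            if status == 200:
                action()
            self.send_response(status)
            self.send_header("Content-Length", "0")
            self.end_headers()

        do_GET = do_POST = _handle

    return ThreadingHTTPServer(("127.0.0.1", port), Handler)


def run_save_tool():
    # Fixed argument list and no shell: nothing from the request reaches the command line.
    subprocess.run(SAVE_COMMAND, check=False, timeout=10)


if __name__ == "__main__":
    token = secrets.token_urlsafe(32)  # fresh secret each time the server starts
    print("X-Save-Token:", token)
    make_server(token, run_save_tool).serve_forever()
```

Start it from the logged-in desktop session as before. Loopback traffic is not subject to the desktop isolation, so the SSH session on the same machine can trigger the save with curl -X POST -H "X-Save-Token: <token>" http://127.0.0.1:5000/Save, and nothing listens on the network interface.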

2 Answers

3
+100

Windows runs each user session in a separate Desktop and isolates them totally from each other. It is very hard to pass messages or commands between desktops, which is an important security mechanism that is used not only for user sessions but also for system services.

In the solution that I propose, I will use the free AutoHotkey in this way: An AutoHotkey script will run continuously, checking each second for the existence of the file C:\Temp\switch. Once it finds that the file was deleted, it will action for all notepad.exe processes the menu items File > Save and File > Exit, then recreate the file for the next time.

This way, all that you would need to do in the SSH session would be to delete the above file. Notepad will save its contents and exit, with no need for running taskkill, and the file will be recreated for the next time.

The AutoHotkey script to use would be:

#Persistent                                                 ; stay resident

SetTimer, CheckSwitch, 1000                                 ; run every 1000 milliseconds
return

CheckSwitch:                                                ; runs on every timer tick
if !FileExist("C:\Temp\switch") {                           ; if the file "C:\Temp\switch" was deleted
    WinMenuSelectItem, ahk_exe notepad.exe, , File, Save    ; press menu File > Save
    Sleep, 500                                              ; wait 500 milliseconds
    WinMenuSelectItem, ahk_exe notepad.exe, , File, Exit    ; press menu File > Exit
    Run, %comspec% /c echo waiting > "C:\Temp\switch"       ; create the file anew
}
return

After installing AutoHotkey, put the script in a .ahk file and double-click it to test. You may stop the script by right-clicking on the green H icon in the traybar and choosing Exit. To have it run on login, place it in the Startup group at C:\Users\USER-NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.

1

My guess is that, although you are using the same user to connect, the command isn't executed in the same "session space" if there is such a thing. I was able to reproduce this behavior by using a second user (not through SSH) and runas as the first.

The SSH service is executed with user "NT Service\SSHD", so it's a different user. You may achieve the desired result if you make it run with your user, but I don't know the implications of doing so. Unfortunately I cannot test here (my Windows 10 is home edition).

If you are willing to test, create a restore point first. Also, I suggest creating a copy of the service entry, disabling the original and working only with the copy.

I hope this helps.
