Thanks!

I can no longer login to his paypal, so I believe it is now safe to disclose his password and how I guessed it: After server run his program he posted something (maybe an error messages) which contained a login name and password for his ftp: btc:btcwh1t3p0w3r. And these also worked for ssh. I tried logging in as root with that password, and it didn't work. So I omitted the 'btc' part and tried just 'wh1t3p0w3r' which did work.

Oh, and his e-mail address contains his name, so we have that too. (I'm not making that public, but theymos can probably see it if needed.)