Capture live packets from server using Wireshark and SSH tunnel


If you want to watch a remote host's traffic live in the Wireshark GUI on your workstation, you can stream a tcpdump capture from the server back through an SSH reverse tunnel with netcat. Three commands are involved, two on your workstation and one on the server:

# on your workstation, terminal 1: start the listener first, so it is ready
# when the server connects; the raw pcap stream goes straight into Wireshark
nc -lp 4567 | sudo wireshark -k -i -

# on your workstation, terminal 2: open the SSH session with a reverse tunnel,
# so that port 4567 on the server's loopback is forwarded to port 4567 on yours
ssh -R 127.0.0.1:4567:127.0.0.1:4567 your-server.net

# then, inside that SSH session on the server: capture on all interfaces and
# push the pcap stream into the tunnel
tcpdump -i any -nn -w - | nc 127.0.0.1 4567

# notes: the capture includes the packets of this very SSH session (the capture
# data travelling back to you), so add a filter such as 'not tcp port 22' to
# keep it out of the view; with the OpenBSD netcat, the listener is 'nc -l 4567'