Because I was not very satisfied with the results of googling “wireshark remote capture x forwarding”, I wrote this little tutorial for my happiness.
1. To enable X11 forwarding on the server you need at least the xauth program.
On the remote server install the following:
apt-get install xserver-xorg
apt-get install xbase-clients
apt-get install wireshark
2. on local machine:
# ssh -X root@remotemachine
3. Go to Capture > Options > Interface > Pseudo-Device