Open two terminals !
In the first terminal:
mkfifo /tmp/fifofo ssh email@example.com "sudo tcpdump -s 0 -U -n -w - -i any not port 22" > /tmp/fifofo
In the second terminal:
wireshark -k -i /tmp/fifofo
Now go back to the first terminal and type in the password.
Now you should see the trace in Wireshark!